(navigation image)
Home American Libraries | Canadian Libraries | Universal Library | Community Texts | Project Gutenberg | Children's Library | Biodiversity Heritage Library | Additional Collections
Search: Advanced Search
Anonymous User (login or join us)
Upload
See other formats

Full text of "دورة احترف أمن وحماية الاجهزة الشخصية"

4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



4^juiuJ| ojiaJ| 9a t£alc)| (paaluioU d= 
.. ^^a«y.I| ojAa.(J| <p|aalui| cfis9 



<U^ajxJ| o jAa(J| djlo^9 tp| c£|pn| oj9a palao:: a|oc| 



(^-^^i) 



jU* 



00970599861 963 :: J|oa 
z83(fl)live.com :: cfcjpji^jyi ajjJ| 



Jjt\lju±l\- 3/2011 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



i^iii 



t 







<L— «jL»]| 


A 


l^jjbij Jji^ui! a^lajj : jjSn^i 


H 


cjLuLua^lj cjLLj*j : ; JjSfl oo^' 


n 


WINDOWS XP c*i o-*» Jj4jj ^ ^2 :: ^&! o-j^l 


tr 


(^1^ Jj^Jjj j»UaJ cujjj : ; diiijii oo^l 


£A 


a^aj]| k£&! :: jjijii QMjils 


00 


cjlLjauil :: y *' a 11 (jjjjill 


oV 


£>*Vl jtiyfliil jjifl : ^jLuiii (j-jiil 


nn 


^SljJIj CJliUi! pljji ojj Jjiil : «L-11 u-j^l 


vr 


^liaj]) J <a-v* • £>*Ui]| (J4J.i]| 


vv 


^iJaiit AjLa^j (j^ai j^JS : < _ 5 Jl^It ^oiAJI 


A^ 


iHuijjj&I (> AjUaJl ^»Ijj : JjSfl o»j.iJI 



A£ 



; CjLuajj^l <>> AjUaJl gu>l jj 



AV 



hjUl\ Qlj^l gL^ljj ; ^A) y^jjl 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



Ht 



nn 



^ »y 



s \ s 



UA 



^ro 



\ it 



S it 



>OY 



S oo 



^ov 



^Iaj jUil *U| J) (jb A ■ a ■ ^-\la qa\ jj ; dtjujl (j^j^J 



Sjjk*"»M (J-- -^"'ll djt^M<^ g^aljj ; g-jljM cHJ^ 



(JlAiLailj tlAjU&JI j^'"**' g-*)jj : (_>" a1- *-M q*j<^ 



^UaHl ^j CJljJuJI 4jfll>a ; ^Jlutil Qaj.ll 



j Y Y AjAjlaJlj A^lil^l djVLufljVI Qaai /jjjaj g^ljj : g-jluJ) iHj^ 



^Jj-.4 *t) jj^Jjj 4&JXA U'jtl , ,.) . ^aUJ) QMJ^l 



t^jSJVI ^^fr gcalj^l paai ; fruaUJI cHj^ 



^A^*:,..At) i km,u jj^j . (^]nil fruifti 



^jLJaJ) t AjJUaJI t CAcj.^) jjfr jL&JVI ; JjSfl cHJ^ 



j £ V .. <-flL> ^jj jj^iilj jj^ailj gg^>)j^l ft££ jjg- jluaJVI; ^1^1) iHj^ 



.. dujlJVI ^a^a"" ■ A ^J* 1 ^ *Lalft ^jL^j ; diMji qjj^ 



2uO*l 



fr»b*l 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 




: cfiJ| cjli£j| |oA c£a*j 



dJuUiiiJI feto=k 9 dJU>UiiiU| *t> 



j 9 a (jJUJI |a^ g9J9 c£s9 c£ jj jj J* | cfidc 



giAjy Xjj^^hI^;>>.^^^;^U..>Iq 



tj gli39J LqAJ (J9 < a9aaJ|9 <taLui«l| 



<oA IoIjlo Lio^J la iK^9 < 2ua^iSy| 



J9 <til| do^j LojIS9 Ij|aj9 lialfo 



jlS j£ jjuL : dJLtzi 3J1"'^ 



t lAi^toL ||ijaal| J9^j jj 



^||3J9 MH &H>=* ^^tfa g^ili UJ9 



c£oJ| <olal| <%^ai cfidc Jo^ll? IAjUjJ 



| cdzi) ip ^A,Aim| 



..0UL&d|cSJd|dilL 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 




a^Vmmti w ^,..-.t fj^ IfUajj <> Jj V Jl£ jt&JV! ^ A^bS USji jlaJ 

Jflj t C5 JljJiC' JS-uu ' gJ^LuMj Jflj c5J^' OJ J ^-^ j^ 32 J^ tr^' rfl** 1 "^ •V'" 

. Ka* ±a.lj Jji! 4^»* Oj^j 

6» *^J^J JS cf^'j ' .-^"^^ >il*JI IJA (^ ^-u»ij AjIaa. t_uiLuii aIxjj ji itiluMjj 

(jA&hAA £)\ J! JJjl&Jl J^-JJ Oj^£ CujJJV! OjliJj (> t-iic-l 0' l*^ 
.. L£a JiJjS diaJl £Jja ^i b& jpj &aj 4jL»C jbL» (> jjSI Ojjaj CujjJVI 

.. ^ft3H Jl^Sfb *b j^I JbJl ^ Jtf 4 ASlj^lj oJW^ <JtJ|lyit ^ ^> 

.. jtfraJ) Je* U*£ S Jj^>> 4-uabt jj«a yajj cUaaj _ ^ 

. i ^fl"" "-^1 (j^a-wJl ,j^ 4jal£Ul ajj CJj^ jl jJJjfl J^*JJ J„'? ■ ""' — t 

3l.lj.rilj CJLuujjjiil ^Ijji - flUa a ^jjj Jjb'jilj 4-uabUl CjUjIla]) j^Jj _ 1 

Jfl ^ill ^!j^V» Jij^Vlj JjbUJI 6UU ^ cfl^lu^ril Jb^JI ^iJ^luit - V 

. AjjLuujjjj* jj Ajj»J^ $J* l^\ ^34 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



Jiu Jl^j ^.^ittt jL^aJ! Jib jl Cuj^VI ^ U£Ubu 4ilS Js. ^L&UaIIj 
jjjS jj ^jj S& ; ^J*-^ '* V^^"'J ^ J L$-aAl (-jLvuuI SjsJ (iUJj 4j,^j,>*4tj ^-*^ 

^jjj ftjiia 4>3% .£ <|ll <|JU^ f VVmml l ^j t ^ij jQj ffrK*^ J& 
) 4^K A£awJ! Jc ^jaj <^l &aaJ! CJLiaC c_i£i ^ luSj a-iaJ <Uc J^uuil 

• • • *»N^^ ^ 



. . 4 *j >at) A. a<-v\| U^ jjfc j£ j lmj ,jt l— iAJ t fl La J 



■I^IH^ 






L-tUii 



^J>*i f tJafl ,J& I ILau LaC- Laib t^iaaiij t ^l^Jl ^Jj*^l LaiJIj ^ LuJaluil 

jl fiaulm U£fi (iL'j^U^j ujjjj^I u 1 f^J^I cr^^ ^ij ' ^> y.^Mu Lac da&JI 

CjUi«a 0>-^ Ija^b j-*\ J*j ^»jj OJ>^ bi'^ &Mt^\ ls& OH 
Jflj k±A%jtf\ ^4ljJl f VjA -^-■■■■; Jfl 4£Uj ^t Sjaufl 4 AjIjjIj CJJjSJVt 
jj^I U jjCj ^USflj AjJl^l fi&t\ j^u ji ^IjJl ^ ^t>> Ori>i f^3«y 



n 



f^ui ^1 ^ Jajj ^i iil ^Jbj U«-a IjxjUS 



^a)jj]| 3ijx*j 4 dLLa^a ^IjJi^l ^fl jjSLp V^^ - ' ^j»^» <> cHJ^^ <l£*% 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



jau^I diaJli ujUill *lj>l <jax# JaxjM <>j L ^ulj JjSLp jjhH JU 

. jaLulo JS-uu AjjJajj cjU£]| jjjlajj jaLuiLui <&1 f Liu <j|j t yj^* 

.. f JllII jlAuaVl ^ l^jla ^ialj AL** tibial Jj ^Pf^- 6- J* J^J 

. J>»^ U^ C>^* U^J^J f**^ 45* J^ MJ^ J^ 

. Aj.uat.Aj CmJ <_jJV 4 UJlSjjiajUl (j^axj ^ AjSjj) j2 Ua^ j) 

18/03/2011 . 0-^& - S> - ( u-j* j*i ) <#>~ JUk 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



9 |J| ^m^Jj 



ijl^J^iaJia^ui 



.. AOllSl (j£ fiAiJ 



2if^A\ ^ni 4jii«i <>j Aiiiui! ^iiukiiij ^ijJi Sjbjj cmA\ 

\jp*h " ^ J " o-^j «( Seven , Vista , XP ) jj-^j cA>-jj%Ui 

.. f jjS JSjS ^Uaj 

JjIa^ "j t; 4 ftHa all CJflj-uijjSjLa JJLujj *L&laJ) Cjjjjj ^ „'*,'*.' ><^l )>^ ,-JJLiui 
MJlxufl ^ <LujiJ ,Jfr ^jUil A^lubail jLoj&I 4uiL£ JaaII Jj^ailiLs Tulajj jj 
Cj^la-*! A^LaJt £)jj Jjjj LojSj 4 1 iiiL JjAL^&II tumI Ujjjjjj A^uil^J Aja-ajj 

Ojjjj^I J^?J 4^ f$*k OjJj J « ffc »J*JJ Ch^I lPWJ^ 0j^-^^ &£& 

.. jx-vatjj AjLa^II (_>AU)L CJ^la-4il (illj t-jNirnt (j-4 

C£j&i\ £fll>>j CiliUl! cJJJ Jjjftll V«Ai Jc £}U£U l^xuaaJ CJUjka £4 
Cja Lijll JUS ol j^l ^ki! <> ^1*1J ^31! UaLM Jj\ \±i <&1 4£jj J*i 



8 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



lUj|ei :: J 9 (J| oujall 



J::J 9 UUi=J| 



j^uuj jji jjtu»jii (ja jjjxii jj^j ja ajVU-4 Aii^j du^Ji ^ixii Jjaj u ^ai ji 

ba.jIjJ£Ul JU-4 q\£j a ujIkJl JlwiiL J&H»]| <jA il tgJ>uajj ^jkaJl £jla 
L^i^I&it (liftfcLu) Cjja. jjjlajilj Aijx^Ii TUjUij j-a J& Aa-uaVI j^^irtll jA 

CJljjIajil (JJ&jLuiJj t Jjfl ,j^ Sjjli jJ^lj fcj** (3&"i C^Laj1xa1\ J^Ljj 

Jil AjJUaIIj Ac-jLiaII yokii jjL^I SjjS JI AiLbVb IJA t ^JUJI 0^*- 
l-luAJjj JS-uu <_iAJ (j* 4 JjJa J& <LajIfcAil 4-Jaauj 4SjxaI| £)£■ <^a»LII J^& j«uijj 

. Jjlxftil 42jxaI| jjlajj j*^i«Jl A&jut £a 



£lz.jjuA\ As-LLua jU-a ^fl djfljj Uj L^jijI^I Jfr ^1 jib Xajjiiui & 
J]| JajLuijH XAftAj (Jj^^ilj jjjjiilj jja^IL jl 4jU£]L La) <. joAlLaJl «Auajjj 

.. <&l f Li 0! ^»^^> AjUjJI JjIjJ ^ (J^t fj&2 

1^ 4?inijo <jAj < iaafi ^JlxJl A^luLftil Jjij CJlLjauil dJA 4»a^_a <Qaa^L» 
LUST t UA U^j o^ »-&-^ J^uali^l 6C- &*jj ^ Ul ^.oJl l$£ljj| jJaiual 

:: ^uaiuiii Sj^Sfl JL>* ^ ^ ^%^ 
Hardware Jii^j^-M - ^ 

Software ji>ia>^ - t 
. <iU J JI L»j CjliL>j j^-a 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 






Hard Disk ^jjt^l • 
c_JUtl! J jA j 4 ^bj^l jLSil ^ ^ jl ^ 

Ram f Ijll • 
^ jUj) ^y,,,,^) <je cijauj AjS>]! SjSI^I 

. jt^jJ! 4*-^ Jc j^jj Jil\ £*1\ ^\ <> \+L 

jUaJ jt v-i^jj 4 <ba <uiHjii tjjUjLftii *ai 

. Jjia. jt^ *!>^ UjSfl JU ^ JuflflSfl 

Motherboard fSf! AAjli! • 

Cards M^V 1 AiJ^ 1 • 

^Aj -^*" haIi ljIaUj^! auA aVI ^Ajiii < _jfr 
.<iiij jjc. j .. ^ujj^Ij Jii^i! cjjjS i^jic Ailaij 




Power Supply l&btt Aj> • 



10 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



f Uu&lj SJ^aVI ^ 0& Jj>i! Aij3L*i AJUi! jj^i! £jIj 

.. ^ Jj^ 1 ^J^J j^ 3 LT 1 * 






Mouse lhj^I 



Keyboard -Uu^l 



Monitor 4-uL-JI 





V 



^^> 




Webcam tj^ 



<iL-j J2& Flash Disk 



USBJ^ 






Speakers £A*U« 



CjUljkutf ! is jU DVD 



Headphone 



11 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



:: J jinn II ^Lalaji - £ 

^La^aJL **1\ Jjfl ,j^ <jVt /V^i - IaIuiaMj ; f a>4-.,„a jxj A 4»JaJVI 
lluufl jj^lijj 4^ i_yS\ jj^lij fA j AJa&l till! <> Cjljl^a! V cfcuJUJl 

jA ^j o-SI Jj^JJJ fUaJ £l £A>uijjliU Jj«-wiJ 4-alaJi ^^C <-jjW^ 

. <>SMj fcj-yJl l^oAl Sjj^ ^Ijj 0- ovi ^ J^aaSf! 

TLmij Ig^l 4iLuaVLj <iIUA t dli^jil CuaiA CJSj^djjSjLa 4»«iajt <j^J 
Jfljfl 4^ui ^Uul (> Jj^ljj Cjfl>wjj%L» (j-ifltij (J ^JJ^I 6* ^^ 
Ajj^i Al tiljjjj 4>JaJl 4J£uJ| (Jjj - IaIuiaII J^J Sjjiil dJA ^2j UISlj 

ililjijl! <> JjJxSI tiLuuSI fjj ^ ^UaJ ^ <_>*SI Jj^Jjj £1 £aj 
<illS ^Ia3u» <# <^JJ J£* t3^J ;^-—; J! jU 4J| VI 4jfl SjJaaJ! 4ja-ajji! 

. giljl! fl&ttl IJA ^J2j 
^CJ L^»AJ SjjjS LIJaj AajAii Sjfu. J&flj JJaafr! <^j <>^ JJ%J -^J 
t U>II <> AIjU Aiulu. Jl AiLdVb k^Mj Ajj^J! Sj$aV1 &**. 
^Luj AMaaiil ^ikj AJ^ij dJ*j IfU Jfl 0^^ J ^*^ JJ^J 0^ fr«J 

. 4j (iL-wii JljU u^jjC- JJ^?j 

£| ^ CJfl>-jjSjU jjjjlS oV! J± JUaII IJA ^ S^ljll A^^lj 
. (Iifl>dujjSjL» Jj^Jjj CJljI^al Jc \^jui £ JaI£ Jlwu Sjj^il 
tt \ 'tf\K< y \ S jj^lijil CJljI^al £)g fjljii! ^fl Jjjiil ^ajJ Jj^ 



12 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



^fmidows 




2000 



/#W Microsoft- 

/* Windows 



Block style 



Block & continuous style 






Continuous style 



Marquee style 



mil 



C y Windows Vista 



Normal state 
Marquee style 

Paused state 
Error state 



£ * Windows' 7 



Taskbar button 



Normal state 



Marquee style 



Paused state 



Error state 



J Igl 


j a 3 


IP 


1^ 



lluufl ^ (j*^ JJ^J L&S&J CjIjUHVI (>a»j giUJ £*Iajj Sj>-fl 




13 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



^J*JJ ' M ^jIaI! J^J J J^' £^ ^ ^J^l d ^& >J^»J^I 0! 

. CJlLjJuJL I JA 

.. IjSj & <ULlajj 

<> j! 4 ^irrvfill jLfaJl f \j& (^p. <iiu> jSIjjj Jfl o^aljflj J^U. <> IJAj 
(> 4- n i.Ja 4fi-^ujj* ^te- ^jiaj 4JljkwV jjJjfl £^ui £jla fludj 



f Wmia jUL» t (> jjSSf ^Jl-A^ ^>IJJJ it JC- JJJJ V t$-L» jj^uL o il ^1 

dH j!^a. j-a CJluujjjiil (> JjJslSI jAj fj Jflj 4 ^i ^J>^l fUaAll 
oJA (> AjU^JI jjfljjj L^jLaald ^jj uiifj 4^uJ| ^ CJlSj^l 
£l&j&\ Jaau ^UiAl Vji lfa.Ujj ^ ^ ^3Jlj SjjJaJl CjU-jjjiil 

■ t ' t " uj 1^ ^ laJL yj (jt ^Jlfr - ^** ; - A -^ * j iflJ ; ■'**' «-«ljjil fiJA ,jl V) ' AjjIj** 
^1 -I IaIi -I (ill ?tAuu cr^'j (lujiuVl /J& 4o*^jSa1| jt^ljail jLwoJI 

. 4J|^utl 4aUJ| ^jJ ^»Ujj 



14 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



.. AjUaJj £u»|jj j^-u.1 £>*j 









Bitdefender 





AnH-Vlrus 3yetem 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



JalaJl ^L^alaJl ^|JaaA-l <> f fr abu Al OjJjaj &&£^ W •J**^ *J^' <A$ 

Internet Explorer j* j jj-^jJI & 




Mozilla Firefox ^i"Vm 




f*2ajj UjjkSj j^-aj»]| 4ajjL»]| £j»IjAj (J Jxl t£j& ^Al !iij>> 2&j& jjj*j 

^l^-aj £>aI dtJjjJI £) a ■ <aj La«a <ilb ,J| Laj t A^lail AjLajlx* ,Jfr JaliaJlj 
jjfljj uiifj l^jkual £taj ^lil CAituaVI U£^-« ^Lufllail IJA Jjaj U ^At <>j 



16 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



Google Chrome ^alaj 




Google Chyotme 



Cft #-:-:3 ft 




CEL3D 



l*JL O^J^I 'Luj <^» **J<^ <> J ' ***M JSjS ^J^ £132) <> £iuai« jA j 

jj^| ^! JljSi! ^ IjUxL JS a^jia USflj jj%J! Jlilai L^uai JjSl^l 
bf- Ijflj Jjaj tfrfcU. f jUm! ALjJa CjIjL- jIa* ^k- l^xkj lA\*1\ ^fl ^Vl ^-SSf 

CjUi) >^AiVI ^ (J^>^ j^% JO^- 4 O^J ' 1"^'?^ V^^ W^ J^^^l ^O^ <*^J 




17 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



::IP<^<#VI-V 

4-^uil J^^ (j- 4 LH^ ^^ <-Aj*^i A* 4JLuij 4i J**JJ La>^ >llxll ^ j^'" j£ 

. £l jJxl! jA <Utuijll ^ f ^ ^A UJ! j i ia&2 

U I Jl 1^1 dUJV! v*j Jti\j kp a L& \ CjUjIjlaI! ^Al <> <#! ^ tfVl jj2juj 

. AjJI^aII S-aljJ jj£ UL-atjj jl xSIjaI) (jixj UikJ 

lA JjIaj ajj <jl ^ *..'*"* tlt^a jjj*1u) 4jL»a (-ull '-) -^ "'■■■' ,jSJ &1 Ut La£ )JA 

Qawqaj <^£ <il.iiL U j£ SI ?S<l> jj jjL»| <_jU£1| 1 JA <^£ j!ja1u«VI Jfr <joj^l£ 

^fl JJUllj 4j1& j aall V) ^^ ." > ^"' 1 "* J^^ *Lajfll £>* 0J%^ <-i& (Ja Ia2 

. jJL^ll <Lail& t_ujiuj 4jIA j) 

t tiSjl^aJ oJjljllj SjJluai! CjUjIxaSIj (iUVtuajl 4j£l>« 4j1£ <&! JJL ^lauluij 

. k\ £JL 4*^ f^» ^ ! JA j£j 

U£ 4iaAJ t^L» j£ £jj J«aL ^ iSji gjjj J5H <> & J&-" f% ^"JJJVI J& <ilJI JJC- 

: : Lis jii. s jm jkJ! ^ &*.*& 



20.100.0.50 



254 jA flSjSri <illi <> fSj JSI <^a&! ^Jlj oljid! J* ^ 

/http ;//www.whatismyip.com 
/http ://www.ipmap.com 

. 3^.jaJ! oiij f jSj ^ ill jjjil! Ujjc-j 
ti^V Ifua a u ^jJilyij t j-aLl Jlwu ^iidii J^ ^ ^Vl jjj«j! ^»ljJ <ilUA J 



18 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



:: MS-Dos >*ljSft 4*>» ji q«j^\ - A 

JjJ*il ^i ^Vmii Oil jb»j uaajjUJIj ^Vmmti £jj JaUjII A^aIj Jjj j$i 4JI 

.. >»ljSflj 4 j inn \ | 



XP jj-^j j 4J) J>-ajil f%J 
CMD *£K ^ ^3^2 £ i^l j!*k <> 

::^Uilj^! JUS 



. Windows 



^jaLiil j^j eleil J5lje 







Mozilla Firefox ^10^ 
Microsoft Office Outiook ILL^ 


£7 


Media Player Classic Rfj^\ 
Microsoft Office Word iff 'firs- - 

WinRAR ^B 
\ Adobe Reader 9 H 
" |BR Reader J-' 




1 -— «3| 








■onnnn 



<C> Copyright 1985-2001 Microsoft Corp. 



:\Docunents and 



Active Connections 



s\user>netstat -an 



Local Address 

0.0.0.0:135 

0.0.0.0: 445 

127.0.0.1:1033 

127.0.0.1:1063 

127.0.0.1:1064 

127.0.0.1:1065 

127.0.0.1:1066 

127.0.0.1:5152 

192.168.1.108:139 

192.168.1.108:2799 

192.168.1.108:2824 

192.168.1.108:2835 

192.168.1.108:2836 

0.0.0.0:445 

0.0.0.0:500 

0.0.0.0:4500 

127.0.0.1:123 

127.0.0.1:1900 



Foreign Address 

0.0.0.0:0 

0.0.0.0:0 

0.0.0.0:0 

127.0.0.1:1064 

127.0.0.1:1063 

127.0.0.1:1066 

127.0.0.1:1065 

0.0.0.0:0 

0.0.0.0:0 

74.125.230.144:80 

174.37.106.5:80 

188.161.245.147:80 

188.161.245.147:80 



State 

LISTENING 

LISTENING 

LISTENING 

ESTABLISHED 

ESTABLISHED 

ESTABLISHED 

ESTABLISHED 

LISTENING 

LISTENING 

ESTA] 

ESTABLISHED 

ESTABLISHED 

ESTABLISHED 



Netstat -an 



19 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



|j^ f Ui| 4^ J^L-j 1^.1 jjj flu-, <^l £*b^ ^ ^ f jafc Jfl3 * 



*g ui&L Ig utij TLuUJ Jflj ; <iljt$AJ JJ-iail Jj^J JS Aja-4jJ JljSI (JJ^i t-ila jA 
AJaJL ■■"' J2 jl 4i^U SJj^jaI) JjAuj CjIjJI <j^*j 4j|J|j w *"*■**' M Jj^J jl ' 
IgJI < _ f &Jj ff-alj^ 4ju.ua.rt A La a CJU^frl (j^ajfr ^ CJlSjJiil (J^mu CJLuijjjiil 
Jljfll <jAt!j iil£j*S 4cLL<a <> uiiliil ^fl Jfcj CjU-jjjiil <> 4jLfr> j^kS 

^1 A^lluaj AJbtaxil CJlij^l (JA ff\ ^l^j) CJLujjjjiil o JA jjffe Jia ^jj fJ o^J 
CJtajlaJl <> jjjiib 4S\j& £&)& l^IajjJ i^l£>£II oJA £& * &ua. 4ja-ajj 
Jfr jk. , yj ^wjIj pUai j!ila. £>« L^-rtC-J ajjj t aILjlS! ^ <UiaVI CJLumjjAilj 

£a!jj iil£j*i <>» Qjtjj^l\ j^kS Jill CJha-ajjJl jlaxj £J«aj 4jJ& (j^ajill ^jj 
4 hat a ritual jJ-uflj jl ^^uujjil «-aUjJl J^b CJliLiaVI o JA Jj9jJ f I^ujj 4J-aaJl 
( flJ^j ULa-4 L^juJjj ajj La UIL& CjLuijjjS ^ ft J A f a J' CRJJ^ ' fl^aj a$J&J 

Jllul fij dm. CujjJVI Jl CjLujjjj^I jluuJI tejui ijexAS £ajjj 4 <iliJ Jl 

. J^aljjll JjUjijj Jjjj£tyl JjJ^lj jljjilj 2^l^l J^ <> t*J>- LHJJ^l 



:: CjLujjjja]! £l^j| 
Sjj^il 

^■uulS <ilij Jl AiLbVbj * j-ali^Sfl 6^ 0^" ^ jA j>^» J^! «-»^ 

^ Luiin uj-uij j-ujjij cjuijk^vij <iLu J j jzm s sj^.i ^ tuiiis i^i 

, uLuxail jL^aJl A^u. Jc S jf^VI (> JJfr 

: Trojan Horse 0^>J> 

(ilJl^A j^ £$ Q tuny'W jja^ 4a^» jA J t 4-ujI^i CJLuujjjiil ^Ijjj jitti (>> 
4 Ajfl »-iJ^>> J^ ^t^ 1 (|' j' O'JJ^ U?\ J J^J ^"^i ^!id ^i Jj ta^Ua) 



20 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



j>2aJl (j-flljl Jj*ii fJC- £j» ^UjjjII j&l i yjJl SJjJ £j»J fjj IJI Jl^utfr 

:: jj^l^il Jlilai ^tu.^A _ ^ ♦ 

Aja^jJ! &\jpS\ gjJ jjSl^J! 0^ J-^ *-kfc ^uj^ ^Qaj fJ ^Ikuxa jA 

<> cjUjkAii j^u IjjK jjsu jj j* IjIaHj ^i i$ jl^l jj%N Ui ^lUlt 

i Sj^aVI JjIjj^I (j^Ia-uiVI -^*"' ( a^j (JjUjUaJI Ijiuulj «. jL\ jl jA*Aa 
oJA Jl ^Jaj Jl£j <-ubJI IJA ^fl 4-uxuaklail 4jjj*JI CJblLUil JUJ jlaUllj 

JljlkVI AjI}^ jiwall <> CjIjjJ Ifcifl Jajfl * fUl Jl tiftl <> ^pu^l 
« ^ Jc Jjljafl jjSt^l jl^ Jl ( ^jiLall 8 jf^l ) U^JI J>-=JJ 
foJ*j fjj cJUi! ^S AjI Jxaj t <Uk- ljjjjj Uj J^aSfl JljSil <-*^J IJA j£j 

,c_jAJ 
l$JKia. ajj Cf j|j<uiC' jS^u qA^uH jJJjfl jl Jl>^ UJ^ ^ AjjUxoil ^jix^il 
fr>2a al l JjjaJj £jUaaJl j*i5J ^yu^i Sjjfta. CjIuujjja j) CJtfa. J& L$*£J 
t (JjAaJI JL^aII IJA ^S lji«JJ f^l 0^ ^£ t 4 ^ <^* d J^J t^J*^' 

!!!. t^l j^ tj».jijj£ill **J tfk V 6- <J Jj^ Jj J Oa lM ^ Cj-ajj 

Ajiuiia (jjfii jj% jj^uJi ciu«bUj c ^ksi lifS jjtwjUi j-* ojjjj^i oi vi 

aj ; AIj j| AjIjA ^UII jjSI ^ AjIaxJI diA rl^J vj^j ^* Jj'j '.'J?J ; " W^J 
LliJ J^UlLwIj «-aJil ^ AJflj^ uj v-uiLutl >1*JJJ 4jaja-4ll CjIjUI^I ^fl £"*& 
2 a^lut^l AjjiiLuil cJfri jl Jjijil J&il IJA ciuuljj Jj « j;*^"" — tt uflaua 
* AjLc-j ^U2.l ^ ^Sj VJ^JJ VJ^ t;:i ^HJ ' *** 6 J^ l^>^a^ jl£ jVl 

.. J_jJa]|j JjJaII Jaj JLf? Jl jiil ^> jiAu U JSj 4jSf 

; <&l jJL aLlHum 

• •♦ ♦ y 

.. 4JUVIj v^ljli CLfa -^ v 1 — JjU ^1 * f i ^1 Jj^ua <ililk Ja j^^-j 



4 JJaflbU ^»VI jjj«j Jjjj <> JS ^1 Jflj 



21 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



Ajk- _ ^jjJI £C -4JC- ii) 4^a> SjjjA ^! £& fly* dljj g ni i nl l duiaJl ^1 
4JP <Oit (jjjij bllll VJ^ 0" 1 * ^JJ^ cK>* L^ LH^J (j* 4 ) : J^ 4j» -a^luJlj S^L^il 
tSjiVlj blill (j* AjIc <&l j**j >jdu J& j^ <>tj c^»La]| ^jj <_ij£ <>» 4jj£ 

cHi (jA LgJI cjjSJa <tPbUl (> ALi tJlJxjj Slj^l ^fU :^^-« Jj ±a*\ JlS 

^ic cjAjS! oil! (jf(ftSjaya Uj : cjttfl ^jlu«j £>i iib iftfLii :CjJl3j 4cH Ui! 

j* <JSi djSJ i&2 cuajjxaIIj J^l <^* £^J^ cr"' Wi t JaIa jVl blj cr uiiJ 

<^j>u-l t ^^irtiii V 4j*J^ <^1» jA UJ! J-ta. <> ^j b» £lj 'crKJJ <^Ji cA*^ 

.J* J J* <&1 <^J^ 
btlij) ^j blj (Ujij*a CauJaj SjjS Jxjj .("u^irt aj tbp& CjLuij bj^£ (Jjxaum 

^AjJ AjLu CjjjIj <A** CJllJj cjl^lj £jil! ^ CJjflaU .Jji>*ib 
Aaillb ^ jL ^! jjc. 4 S!>4]| <£ffi CjaIL jS <^i cijiLi CJJ! : !jUIS ^U>U bpJa&ij 
SjIc ^A <bpj| yip ti>uaj y£l ^SU 1 g \Ut"\ Ji 4»J AiUUI ft^Aj t J>!>4ll ^k 
1JA yk. cjjjau-Ij.. <iUJ yk- Jj^. ^!j jfti JS ^U" t 4 ^ <^^ ci > ul 
4 jj]^l ^j2 O^Ip <y* ujlii UJxjj .UJji^>j SIjaII (j J ^1 (3jJj JIjIaII 

^j .AjjLLftil aV) t^J ^Ji^i 4^11 M n<no1l i^iLaj t^JV cr^ - " ^ UulaP Uja. 

Jti\ aAIj^I yA 6JA j^^jj ^j yi CJllSj taAlj^b 4j1L>j» bj^a U}x^j SIjaII 

(> ^JJJJ l^j I Jlj ^iuu ^fl yA b>j .I jljj i n Jbk yi Ci*^»j tiluiaflj Upl jjP Up 

Jbjj^l Jja (j-a AjII ujji) O^-JJ Al*iAJ Aj (Jjjj^jj Us >&JJ (jl-uuUl Uili. jS2j" 

^1 ^ijj ( M) Jjaj Alt ^ U && JaJb CJj^ll oj^u. bf b>j Jjj& LjJj Aj'j] 
oji !sS2 (Y > ) Ii$2.j JjU- l^iut ^>Aj JjS bf- b>j (t ♦ ) ±j&[£\ ^ 2UJ jjLail 
^ j] U IJA Alj£ Jlij Ija *jj3) ^l^ajd ^Ua& ^lk UL^d |JA ^> 4J1& ^ 



22 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



::BotNet*iOj*M-U 

ui^luu V 1+& j t JUJ1 Cjijil ^ CA^uJlj CJL*u.>Ail u&jj ^uSj jjSI 
AjUaJI (j^yii OJJ*% uiy&Jj <JjJII <>aLLu.Vl ^i^lu«j Jj i £VI i^l£>£I! 

QAi&ty £• 0% {1 Al\ VI JbJI OJ^I tRji <^ £« ^» f^^S ^ t SjUai! 

cjUjujj>> ji AjAiUii UflUii JjS (> djjjkij <j ^j1\ ^l £i£ jj ojjjIajM 
tii£>ill uii^iu.) ji AjUaii A^uilj cjc jit j^a jAj i^ii* * Aj^u- cjISj^j 

^fl (^)j < a^LalaJ) ^ AjIoVI CJljifUl f Ija. 4.AA.iia AuJLa ^luia. jj£jj UJJtS ^jjJl 

.. >! 0* <|Sf ji ^V! ±jj 6^ U jcbj dH 

Cil CjjJ! f IjAa *VjAj J^aVb AJbUfr iil£j*i <> AjjUI *jj CujjjVI 0* 

CjLuUa^VI £*?jj j^abw.Vl <-fl«i£u-uj <> Jac Jgm* ^ (BotMasters) 

<> >S! Jl <bfl Lbw^l JJ& £JLj £>l£ 4±\£&\ {ZCuCijj jjS! j * AilLLJI 

. fcOalb 1^ *i^ ^j jA j t JI4A Oil 825 

jU^JI *— ifuil Jfl i bjA±A niUu UJ^ij uJliil ^ Cu CJjjil (JJLaaA dul£ AjI^I ^ 

^4 (jAjai Jj^^i 4A>^".,,.Atj <LJaJ^) ^ SjjjS CjIjxj ftjfl j) j aa^< j) t 4^]aJVI 

^ UJa ' L1£L ^Uali! Jib ^ji! jjAj ^UI! jj 4-*U CJU^u» Alj^l jj>l$l\ 
#l\ju& jJL^\ o^su lu Ajxi 4JjS jjju V OVI ^ ^J^» 0» V! t jrfti! 

^! Jxaj * JVI Jlji^VI AJjUa] AikU ujj]LuiSf! <> JJJS g-aJ *jj CJJ Cjjj]| 

CJjjil jLuluI ui^j ^j-uiLuiVI ^J^ >a-ua tii^L (j& Sjbfr j j^; ■ ■■ A^uail Jl^ 

. CjI^L Aj.ualiJl jfj jl) Jft Cjjj JS JiAuj c 0^" JJCr J^' tp 



23 






6 j$aV! <jU^j <>l cjIjj^I djjJ 



: : <lu ilijiJl £^a>U j>^il c>a*J 



File View Favorites lco\i Commands Window Help 

\ I df I « ii I S 1 09 9 il I rf a* 4 1 4 4 1 8 m I B HI p I 2 




DDoSeR 3.G2 - Registered To: Hack a Day 



Menu 



Main | Passwords 1 Logs | User Chat 1 Settings | 



Zombies Online: 1309 



Status 



Version 



Country 



1212.68.243.218 
3188.24.107.155 
379.115.239.93 
3 194.42. 154. 170 
3195.189. 209. 82 
3 89. 34. 97. 187 
379.114.255.50 



.117.95.151 



189.45.39.224 
3 86. 121. 70. 129 
3 82. 78. 36. 104 



Idle. 



3.61 



Australia 



Idle.. 



Idle. 



Idle. 



Idle.. 



Idle. 



Idle. 



Idle. 



3.61 



3.61 



3.61 



3.61 



1194.187.121.20 



Idle.. 



Idle., 



Idle. 



3.61 
3.61 

3.61 
3.61 



Australia 
Australia 



Australia 



Australia 



Australia 
Australia 



3.61 



3.61 



Australia 
Australia 
Australia 



TjGix] 



05 



Windows XP x32 
Windows XP_x32_ 
Windows 7 x32 
Windows XP x32 
Windows XP x32 



Windows XP x32 
Windows XP x32 



Australia 



Windows XP x32 
Windows XP x32 
Windows XP x32 ; J 
Windows XP x32. | ijjjgjj 



Victim: | 151 .205. 177. 187 



-UDP 
Packet 5ize: 




Packet Number: 




Delay (ms):p0 


|6500 


6500 



Type: [j]^ ^j Port: [£5 Freq: [ M edium zl 

-Flood Timer 



f" Use Delay (ms): pOOOO 



5tart Flood 



5top Flood 



;Socket Status: 82.141.95.55 Disconnected 



Peak: 1310 Uptime: 12:13 




24 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 






Bifrost 

Poison Ivy Rat 

Turkojan 

SpyNet 

Cerberus 




passwords 

server pa .■ • . ,■■•, 
1^ accessories 
:T*I settings manager 
nanage keyboard 
5^ extra 

erver properties 
@ system information 
~f) fun manager 

■' local tools 



TURKMAN/ 

TURKOJAN 

Copyright CigiCigi Online 

1997 - 2008 All rig fits reserved. 

Made in Turkey 



±jzd I :IPJ 




|,|. i-[,ja. ; SucmSFIugri 






. J\si\ VJ xii %m o* cJiiii J yk j . <^j j$£s ^ du dij j^j 

^3llj 4-ualiJl ^>ljji! jJjkSj 4^jjJ! J*£s> <> !j* Jjj Jj libtial g-aljjJl ftJA 
JlilaVI ffcJ fljji dti jjC-j f bVlj ' AjU-jXJI jLa-aJlj CJUjiaJ! <> l^afrJ fjj 

fA>iaj Jfl £>A4 fl ^Vmml l AjUa <-J«ifJ VJ*^ L#?**J^ (J* U^i' f^ ^^ 

!!! <> V! ^ V s^l J J* J < 



25 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



: : Server Jij^V) g^l jj Jo*"* jl o^lJ! - ^ r 

ljUIaC- jla^l Ajiaatil dJA Jf^J ' b J4*4 <J^ Jj^-6^ AjLaj^la jSjjUjJI 

:: Ail^-unl ^ ^ ill Jl^aJ! ^fl 4JUI! *Uu,VI aJA 



.. .iSjlila £i*a> t_ii*j JjJ*jj J^aJj Ajjj JjIIaI! gjWinij - > 
,. iiL 4-ualiJ! jjj^il CjLaJS xxaAi ^JJJ ■*! !^ > "" "J — ^ 



t djl^Aj AjU^Ixa 4>j fkul UjjC- Jjiaa] ^fcyijj jUaiSfl &JA (ilj^j £l ^^USI 



f liiya^ij vjisvij ^ijiSrij Sjivi -s j^jV! ^Ldii ^ ^ cJ^^^ u^ 

J J J. lAj^a 4|Sf ff^aj«J ^^u V «^^W Ori^'j 

^ (J > J u-jJll c> JjSfl f JaJ! 4/ Jj« U £j*i ^ 

^iuaj ^1 Jjj UjL» ILua^ ^^jSj ^1 ^^C- qajz>\j t ^wtSl AjIjj ^jSj V :: 4— ul a A 



26 



Y% U 



4j^^nill S j^aVI *M-a^j 0-«i (-i)jj^) SjjJ 



:i * 



Lu'Laa|::cfiGttl|4=J| 



jLduJI £_jLu^ <x>lij ^ dtij 2010 fl*j 2009 ^ ^ULu^l C jlaiu,j 



Number Of: Spam emails £ m g j | (JSeTS Computer viruses 

Internet users watched videos Websites 

B logs Emails se ^ ted imafies Domain names in 2009 



Email 



90 trillion - The number of emails sent on the Internet in 2009. 

tfJtuuj) ^j Jti\ JjtuujJt *&> : <xl^ jilt 

247 billion - Average number of email messages per day. 

200 billion - The number of spam emails per day (assuming 
81% are spam). Ai^^t JjUujJt <> Al^ Uj ^ jJt ^ SjL^t JiUujJt jj^ 



Websites 



234 million - The number of websites as of 2009 



Social media 



126 million - The number of blogs on the Internet (as tracked 

by BlogPulse).^j^Vt J cjUjx^I jjp 

84% - Percent of social network sites with more women than 

men.^^& 4-uujSjla A^milt bula JIajJL AjjliLa f Luull Ajluu 

350 million - People on Facebook.4# o^t cjLUua jj^ 



Videos 



1 billion - The total number of videos YouTube serves in one 
82% - Percentage of Internet users that view videos online 



27 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



Web browsers .. 3^1*11 juL^SJI £*L# y4 iilyu <^j 




Malicious software SjL^t cjU^jJ) 



148,000 - New zombie computers created per day (used in 
botnets for sending spam, etc.) 

Cjj CjjjJ) ^ Sj^aVI <j-a Hxl\ life .\nVi *jj ajj j£ 

2.6 million - Amount of malicious code threats at the start of 

2009 (viruses, trojans, etc.) 

(ViHiit ujl\ CjLuujjjiJt jx 

921,143 - The number of new malicious code signatures added 
by Symantec in Q4 2009. 



Internet 2010 in numbers 



Number Of: Spam emails ^^pg j | (JS6TS Hosted imagQS 

Internet users Watched videos Websites 

BlOgS Emails sent Domain names in 2010 



Blogs 



Domain names 



Email 



107 trillion - The number of emails sent on the Internet in 

2010. 

294 billion - Average number of email messages per day. 

1.88 billion - The number of email users worldwide. 

480 million - New email users since the year before. 



28 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



89.1% - The share of emails that were spam. 

262 billion - The number of spam emails per day (assuming 

89% are spam). 

2.9 billion - The number of email accounts worldwide. 

25% - Share of email accounts that are corporate. 



Websites 



255 million - The number of websites as of December 2010. 
21.4 million - Added websites in 2010. 



Internet users 



1.97 billion - Internet users worldwide (June 2010). 
14% - Increase in Internet users since the previous year. 




Social media 



152 million - The number of blogs on the Internet (as tracked 

by Blog Pulse). 

25 billion - Number of sent tweets on Twitter in 2010 

100 million - New accounts added on Twitter in 2010 

175 million - People on Twitter as of September 2010 

600 million - People on Facebook at the end of 2010. 

250 million - New people on Facebook in 2010. 

30 billion - Pieces of content (links, notes, photos, etc.) shared 

on Facebook per month. 

70% - Share of Facebook's user base located outside the 

United States. 



29 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



Videos 



2 billion - The number of videos watched per day on YouTube. 

35 - Hours of video uploaded to YouTube every minute. 

186 - The number of online videos the average Internet user 

watches in a month (USA). 

84% - Share of Internet users that view videos online (USA). 

14% - Share of Internet users that have uploaded videos online 

(USA). 

2+ billion - The number of videos watched per month on 

Facebook. 

20 million - Videos uploaded to Facebook per month. 



Images 



5 billion - Photos hosted by Flickr (September 2010). 

3000+ - Photos uploaded per minute to Flickr. 

130 million - At the above rate, the number of photos uploaded 

per month to Flickr. 

3+ billion - Photos uploaded per month to Facebook. 

36 billion - At the current rate, the number of photos uploaded 

to Facebook per year 



CfutilSj l^ £titf\ Cuj&ti ^Viiim S djk u^j g^l (&Ji\ *iA £u\l 

hi£ ^ijju o^j » vj*^ <> ^">JVI ^ ^ jauj <> Jbjj ii! fUi 0) 

jji&! <|jaj ^lj 4-i«aUil jaJl IJA ^ <jj*J V ^^ f-iia. 4 njtnt j ,uhVi 

L)A&J LfcJ**^ <> J&& ^ £>J ^ ^< J ' JJ»J 45^ J^' J^J 
.. fjjjfc ^ i 4 ^lijU J* OjIwj <Jj^ ^JL O^JjUi jf> i ^jLai] jiuil] 



30 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 






Windows XP c£sj <jii^| J9&JJ9 



Aa& J ajj JljLa 4jJ£j ^*j ' ".'J J^-"* ' ^Jl*ll - ^"" ""^ ^UaJ 4JV jJjJfAj^II Jl^-a 

Windows XP is the most popular operating system. The Windows family 
counts for almost 90%: 



|2011 


Win7 


Vista 


Win2003 


WinXP 


W2000 


Linux 


Mac 


January 


31.1% 


8.6% 


1.0% 


45.3% 


0.2% 


5.0% 


7.8% 






2010 


Win7 


Vista 


Win2003 


WinXP 


W2000 


Linux 


Mac 


December 


29.1% 


8.9% 


1.1% 


47.2% 


0.2% 


5.0% 


7.3% 


November 


28.5% 


9.5% 


1.1% 


47.0% 


0.2% 


5.0% 


7.7% 


October 


26.8% 


9.9% 


1.1% 


48.9% 


0.3% 


4.7% 


7.6% 


September 


24.3% 


10.0% 


1.1% 


51.7% 


0.3% 


4.6% 


7.2% 


August 


22.3% 


10.5% 


1.3% 


53.1% 


0.4% 


4.9% 


6.7% 


July 


20.6% 


10.9% 


1.3% 


54.6% 


0.4% 


4.8% 


6.5% 


June 


19.8% 


11.7% 


1.3% 


54.6% 


0.4% 


4.8% 


6.8% 


May 


18.9% 


12.4% 


1.3% 


55.3% 


0.4% 


4.5% 


6.7% 


April 


16.7% 


13.2% 


1.3% 


56.1% 


0.5% 


4.5% 


7.1% 


March 


14.7% 


13.7% 


1.4% 


57.8% 


0.5% 


4.5% 


6.9% 


February 


13.0% 


14.4% 


1.4% 


58.4% 


0.6% 


4.6% 


7.1% 


January 


11.3% 


15.4% 


1.4% 


59.4% 


0.6% 


4.6% 


6.8% 






2009 


Win7 


Vista 


Win2003 


WinXP 


W2000 


Linux 


Mac 


December 


9.0% 


16.0% 


1.4% 


61.6% 


0.6% 


4.5% 


6.5% 


November 


6.7% 


17.5% 


1.4% 


62.2% 


0.7% 


4.3% 


6.7% 


October 


4.4% 


18.6% 


1.5% 


63.3% 


0.7% 


4.2% 


6.8% 


September 


3.2% 


18.3% 


1.5% 


65.2% 


0.8% 


4.1% 


6.5% 


August 


2.5% 


18.1% 


1.6% 


66.2% 


0.9% 


4.2% 


6.1% 


July 


1.9% 


17.7% 


1.7% 


67.1% 


1.0% 


4.3% 


6.0% 


June 


1.6% 


18.3% 


1.7% 


66.9% 


1.0% 


4.2% 


5.9% 



31 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



^ C£UUil <> % ^ * (> VJ^^ CJluLuaa.VI JjSj U£j tjf^l JJ^J J&iJ 

!! ^ 

U »Vhh j ' >&l fa JSj ^biil J^-J ^Lia^jj fa l£ f^Vtniini j t$jte- f LLIIj 

( : J-aiiib ^aJi S jf^ij 4jt^ SjbV Ja> <£i <> i>! <jjb Sjj^l * Wp! ** 

tfcjfl Jjj <^!j Sjj^l*]) g2t j*2t ia.! <> XP jj%j jM Sfj! J*aJ <ji uiaj 

Aijau» ^uj jj^iii cL-bUj ^jk; upi V! ^ij^ii <iin <> j&to *>j* ^j^ * 

t .yaU^ jIjaj Ja-4 ^1 ,j^ aUsUI 4j|j]auil flj-uij ajSj jl c 4_aL^VI (j* 4 J^' 
(il^uaj i^jUa ajj ^jjaj J3 4JljlxuiVI <jV (JJJ>« j^a (j«« l^jjlwu <ilj| JSIjj 



^311 CJJjij*VI Jc CjUjj^I CJlj-^fr <ilUA S jSfl ^k- * ^UJI ^Ua^l 4_L#j ^ 

J^ Del + F2 jj Jl4^< e^l ^ ^"^ ' ^ t ^ 1 ^3^2 -^ «4ti -^ 
^1! JIjj Jfl ^Sf! cjUj] j^ju £ji Del + F2 ^*^ajj « t^V lib ^i^iluij 




32 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



jl j^jjj t J^lu. Jluu Jl^aJ! ^ f&&2U j^aliJl £aUjJI <£LUi g%ui UJsu 

Bios Setup Utility Oa d^'j V"^ »^ tf JrfMfW £0 C^ ,iA J 

This AmiBios Require you to press DEL key to enter setup 



AMIBIOS(C)2006 American Megatrends, Inc. 
BIOS Date: 03/02/06 20:15:54 Ver: 09.00.07 



Press DEL to run Setup 



Checking NVRAM.. 



now you will see some similar screen and choose the BOOT option and choose Boot 
Device Priority and choose first boot device to CDROM and second boot device to 
HARD DRIVE You can press F10 to save settings. 



BIOS SETUP 
Main Advanced Power 



► Boot-Time Diagnostic Screen: [Enabled] 

► QuickBoot Mode: [Enabled] 

► Scan User Flash Area: [Disabled] 

► After Power Failure: [Last State] 

► On Modem Ring: [Power On] 

► On LAN: [Power On] 



Securitv Exit 



1st Boot Device |[CDROM] 
2nd Boot Device [Hard Drive] 

► Hard Disk Drives 

► Floppy Drives 

► CDROM Drives 

Specifies the boot sequence from the available devices 
+ - Change Option 
Fl General Help 
F10 Save and Exit 



(c)Copyright 1985-2006, American Megatrends, Inc. 



On Award Bios you will see some similar screen and choose the right key to Enter 
setup 



33 



Y% U 



4j^^nill S j^aVI *M-a^j 0-«i (-i)jj^) SjjJ 



Award Modular BIOS v4.5 1PG, An Energy Star Ally 
Copyright (C) 1984-98, Award Software, Inc. 

ASUS P2B-DS ACPI BIOS Revision 1012B 

Pentium III 650Mhz Processor 
Memory Test : 262144K OK 



Press DEL to run Setup 
08/05/00-i440BX-P2B-DS 



Now choose Advanced Bios Features 



Phoenix - AwardBIOS CMOS Setup Utility 
Standard CMOS Features 

Advanced BI~ 



Advanced Chipset Features 
Integrated Peripherals 
Power Management Setup 



/PCI Configurations 



PC Health Status 



Frequency/Voltage Control 



Load Fail-Safe Defaults 



Load Optimized Defaults 
Set Supervisor Password 



Set User Password 



Save & Exit Setup 



34 



4j<n^niN Sj^Vt 4Jj*^j (Ja\ uilji^l SjjJ 



and set First Boot Device to CDROM and Second or third to HDD-0 and Press F10 to 
save it. 



Phoenix - AwardBIOS CMOS Setup Utility 



Virus Warning 

CPU Internal Cache 

External Cache 

CPU L2 Cache ECC Checking 

Processor Number Feature 

Quick Power On Self Test 

First Boot Device 

Second Boot Device 

Third Boot Device 

Boot Other Device 

Swap Floppy Drive 

Boot Up NumLock Status 

Gate A20 Option 

Ata 66/100 IDE Cable Msg. 

Typematic Rate Setting 

Security Option 

OS Select For DRAM > 64MB 

[Disabled] 

[Enabled] 

[Enabled] 

[Enabled] 

[Enabled] 

[Enabled] 

[CDROM] 

[Floppy] 
[HDD-0] 

[Enabled] 

[Disabled] 

[On] 

[Fast] 

[Enabled] 

[Disabled] 

[Setup] 

[Non-OS2] 



Item Help 



On some Dell Systems you can enter bios by pressing F2 



35 



Y% U 



4j^^nill S j^aVI *M-a^j 0-«i (-i)jj^) SjjJ 



F2 = Setup 

F12 = Boot Menu 



Now choose Boot Sequence and then arrance 1 to CD-Rom by pressing - + and press 

space to enable it 

Press ESC and choose save settings and exit 

Dell - Dimension 8100 
ntel Pentium 4 Processor: 1.30 Ghz 
LEVEL 2 Cache: 256 KB Integrated 



System Time 
System Date . 





Primary Drive .... 
Primary Drive 1 .... 
Secondary Drive 
Secondary Drive 1 



Boot Sequence 



* 1. IDE CD-ROM Device 

* 2. Hard-Disk Drive C. 



SPACE to enable/disable | +,- to move down/up 



System Memory .. 

AGP Aperture 

CPU Information 



Up/Down to Select | SPACE +,- to Change | ESC to Exit 
On some Dell Systems you can enter bios by pressing F2 



Boot Device Menu 



2. Diskette Drive 

3. Hard-Disk Drive C: 

4. IDE CD-ROM Device 

Enter a choice: 1 



36 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



Sometimes you can press F12 to temporary boot from cd on some Dell Systems 



PhoenixBIOS 4.0 Release 6.0 

Copyright 1985-1999 Phoenix Technologies Ltd. 

All Rights Reserved 

Copyright 1996-1999 Intel Corporation. 

4S4EB2X0.05A.0009.P08 

Micron Electronics, Inc. 

Intel(R) Pentium(R) III processor 450 Mhz 
640K System RAM Passed 
255M Extended RAM Passed 
512K Cache SRAM Passed 



Press F2 to enter bios setup 



ROM PCI/ISO BIOS (P2B-DS) 
CMOS SETUP UTILITY, AWARD SOFTWARE, INC 



STANDARD CMOS SETUP 



BIOS FEATURES SETUP 



CHIPSET FEATURES SETUP 



POWER MANAGEMENT SETU 



PNP AND PCI SETUP 



LOAD BIOS DEFAULTS 



LOAD SETUP DEFAULTS 



SUPERVISOR PASSWORD 



USER PASSWORD 



IDE HDD AUTO DETECTION 



SAVE & EXIT SETUP 



37 



4j<n^niN Sj^Vt 4Jj*^j (Ja\ uilji^l SjjJ 



and set Boot Sequence to A,CDROM,C and Press Esc and then F10 to save it. 



ROM PCI/ISO BIOS (P2B-DS) 
CMOS SETUP UTILITY, AWARD SOFTWARE, INC 



CPU Internal Core Speed 
Boot Virus Detection 

Processor Serial Number 

CPU Level 1 Cache 

CPU Level 2 Cache 

CPU Level 2 Cache ECC Check 

BIOS Update 

Quick Power On Self Test 

HDD Sequence SCSI/IDE First 

Boot Sequence 

Boot Up Floppy Seek 

Floppy Disk Access Control 

IDE HDD Block Mode Sectors 

HDD S.M.A.R.T. capability 

PS/2 Mouse Function Control 

OS/2 Onboard Memory > 64M 

MPS 1.4 Support 

650Mhz 

Enabled 

Disabled 

Enabled 

Enabled 

Disabled 

Enabled 

Enabled 



Disabled] 



HDD MAX 



Some Computer has Option to temporary boot from Cd/Hdd/Floppy/Usb Device, Just 
keep tapping the F8 button to get Boot Menu and Now choose your manufacture of 
CDRom. 



38 



4j<n^niN Sj^Vt 4Jj*^j (Ja\ uilji^l SjjJ 






Setup is inspect ing your coMputer's harduare configuration. 







Enter ^-al ^ ^ £^&] 4JL SjpJl 4JL2A\ a i* 

.. ^jjUaII 4a jI <> R uija. iai-Ja! ^JaJI f Ualll £^V Ui 

tjjj£ jjSjIui AjJUII AlaiJi j^^jj ' ■^^ , A^ '"v. Enter ki,^*,„ IajLj 



Windows XT Profes 



Welcome to Setup. 

This portion of the Setup program prepares Microsoft CR> 
Windows <R J XP to run on your computer. 

* To set up Windows HP now, press ENTER . 

* To repair a Windows HP installation using 
Recovery Console, press R. 

* To quit Setup without installing Windows XP, press 



39 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



? !±kiu.V! AjSUjI Jc- <jaljj ^ f ! cj^fllj f !>- ^jjUJI 4a jJ <> F8 jj -^^aj 



tlindous XP Licensing flgreenent 




Micros of t Uindous 

enij — user license 

ihportani-rerd ca 

License flgyeenent 


HP 

dgr 

HEF 


Pro f~e s s 1 n a 

EEMENT 

ULLV = Tills E 
EULA"> is a 
1 or a singl 
"licrosoFt so 


X 

n d — U s e r 

Xe^aX agreement between you 


Oai-jioi.-a.tion For t 


lie 


Ft ware product identified a Love, 


media., printed ma 
and In t.e rnet — fa as e 
addendum to this 


■,: -::■ 
d 


3' 


ials,. "onXin 
A may a com ]p 


e "" or> electronic documentation, 

oduct">- An a. men dm e n t r 

any the Product. VOU AGREE TO »E 

BV 

E USING THE 

HOT iNsrn LL 
RN TT TO VOUR 
IIHD 


BOUND ffV THE TEUM 
INSTHLLING, COFVI 
PHODUCT. rP VOU D 
OK USE THE PRODUC 
PLACE OF PURCHASE 


1 : 
i 





f This eula 

or otheruis 
ot agree, tjo 
vou mav retu 

R A FULL REP 


1_- GRANT OF LICENSE 


Microsoft grants you t>ie following x-itjhts 


ItroM ided that </o 
tli is EULA i 

** Ins ta 1 X at ion a 


Li comply wit 
nd use . Von 


It all terms and rondit n_ n s of 
■nav in.sta.ll, use, a-ccess. 


d is p I_a sf ■&" a 
comiiur ei*„ s. 


run one copv .0 
ucJi as a <.- j 1- !k s t 


F the Producrt on a single 

a t 1 n _, terminaX ox- at Iter dc ulcer 


< "Woi-kstat i 
fair mope tJia 


on ConiiMter") , T he Product ma«j not be used, 
n two C2> processors at .iny one time on -t n y 




UK 







Enter ^LJal\ *j <. aJc <\nnl l jjjj <^l oajii! jtiiib >j£j 



is XP Professional Setup 



TJir following list shous the existing partitions and 
impart it ioned space on this computer. 

Use the UP and DOUH ftK'ROW keys to select an item in the list. 

• To set up U in do us XP on the selected item, press ENTER. 

• To create a partition in the impart it ioned space, press C. 

• To delete the selected partition, press D. 

4095 MB Disk at Id 6 on bus on atapi U1RR1 



rarlitxonl LHew tKaw?J 



4MB r rib \ 4UDb nrl free J 



Unpart 



ENTER=Install D=Dele*e Partition F3=Quit 



ntfs CiA rf ^ J*^ < <$* ^^ aj> ($m H" 1 ^ ty ^ u 

( : J^flSf! jA JjSf! >uJ! jLilll V) O^U^I da 



40 



Win do us XP 






Setup 


not 
ps to 

:r. 

rent 


formatted, 
select the 
part ition 


Setup uill now 
file system 
For Windows XP, 


Prof e 


ss ional 


Thr: partition you selected is 
Format the partition. 

Use the UP and DOUH hRROU hei 
you want, and tlven press ENTl 

If you want to select a diffe 
press ESC- 


id.JJutiri 
Format 
Format 
Format 


WTlf !■ 1 

t he p 
t Jie p 
the p 


rju*t«ii]ii 

art ition 


■ IH 
US 


ing 


the 
the 
the 


FAT file system < QuickC 
NTFS file system 
FAT file system 


art ition 


US 


ing 




ENTER =Gon 


t lnue 


ESC=Cancel 















Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



ULaH JJL^lil jjsu ^ * V£UI cjUUll £-u*L ijgui 




( : <^ O"*' Jj«%W J**^ 4j1^ ^ajJ <^l Sjj^aJ) 4-u.tuuII 




^aij tij^ t « (> £jSj» ja j Ai-uail qjiH ^ ft^ij Product Key £^l 




41 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



4 jJjJJL4j£il a.^Vk ma jyyut 4jI^ ^Jt^ 4*uiLui jLaLal J4^ JJ^%^ <"n/n -1XJ 



Jf f Munwofi' 

*# Windows 



■!*Vjui> mil i 



se this computer? 



s 1 will create a separate user acrounl for ea 
informal I on. prated your files e'rirJ coiftptfte 



These name's will aftjjfett OftttSS Welcome sciee 
Cllt* Your name on the Welcome screen to begin 



Start menu, end then did User Accounts 



rder. When vou start Windows ,- simp |v 
jasswoids and limit per miss ions for 



t'hmn j tyut 4Aj»x1\ i J*l£]b XP jj«^j f^ Cujjj ^£ul £jSj IJfjj 



42 



Y% U 



4j^^nill S j^aVI *M-a^j 0-«i (-i)jj^) SjjJ 



U^ajuaj J9&JJ9 <pUni gjuuljj « uJLjJ| (jujaJj 



Windows Seven 7 



Sjf>Sf! ^1p fi(J*iJ SjSliJl <%1u>j <L& <iUJj C)£^ \*aj*ai QxaliluiAll 

. V-*^' ^^V 1 ^"Lll JjaJll 




:: ^uii Ji^ib jIj&V! ^ibu» jflfc— Uju 




43 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 







dVl ^jj^I c^j^i jj-^j^i ^**3 <^ ji Install Now ^*^2 




Aiojilil ^fl Jflljj Ul jj I accept jj k* * J£ Maj f Wmtat l AjflliSI j$£j 




Please read the license terms 



MICROSOFT PRERELEASE SOFTWARE LICENSE TERMS 
MICROSOFT PRE-RELEASE WINDOWS 7 OPERATING SYSTEM 



These license terms are an agreement between . . aft Cc .Dration (or based on 
where you live, one of its affiliates) and you. Please read them. They apply to the pre- 
release software named above, which includes the media on which you received it, if 
any. The terms also apply to any Microsoft 

D updates, k 

D supplements, 

D Internet- based services, and 



jj ? :o; : r ; .J'"f '■■ :enie tetms 




44 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 








%*- i,,JLU ™- 






Which type of installation do you want? 






Upgrade 
^ T, Keep your files, settings, and programs and upgrade Windows, 
j^^^Wf Be sure to back up ycurfiies before upgrading. 




_ — Custom (advanced) 

Install a clean copy of Windows, select wheFe you want to install it, or make changes 
W^^ to disks and partitions. 

This option does not keep ycurfiies, settings, and programs. 

Help me decide 


t» 












IS 



AjjjxSI Aioj*Iil ^i jj Drive options jj ^ ^ Lu a L^ t JjLJI ^ Cujjj 



%* 



Where do you want to install Windows? 



| Name 




Total Size | 


Free Space J Type 




"j Disk Unallocated Space 




5.0 GB 


9.0 GB 


% 



+t Refresh 
^ * Load Driver 



Dri 



Next 



Installing Windo 



45 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



( : chjj^' 6* j^ J^ c j*^' <->"^ ,i ^ uu 4ia^L» 





*&- "~~ 








Where do you want to install Windows? 








j Name Total Size | 


Free Space | Type 






_■ Disk Unallocated Space 9.0 GB 


9.0 GB 












tf. Refresh ^Delete ^/Format 
ij;* Load Driver ^^ Extend 


1 












Next 


























^ J 



install vvmaows 



Where do you want to install Windows? 



Name 



Total Size | Free S pace | Type 



DiskO Unallocated Space 



9.0 GB 9.0 GB 





£| Refresh 


^Delete 
Zjl Extend 


^^ Format 
Size 




■vjr Mew 




^* Lead Driver 


|^21& 


2J MB 


A^rJv Cancel 






















Next 



46 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



jji^a fUaii jil j^ajS * Luul ^jj V ^ Cancel -k«-^ 4-N^jJI * Ja jj$£ .*& 

.. JlJ&VI CJtila ^jau 



1 ^ 








Where do you want to install Windows? 








| Name TotatSizel Free Space Type 










j_p Disk Unallocated Space 9.0 GB 9.0 GB 










1 : - 1 
In sta 1 1 Wi n dows ' — — — ' 




Cjj^ To ensure that all Windows features work correctly, Windows might create 
^r additional partitions for system files. 






%!§«* 




|*Loa 


[ OK J | j^cel | 






















Next 












^1 



( : J^lSj CaIia ^IM <iL^i j$M JJL&ii jjjLiuij fllailt Cujjjj jIjcVI Ijjj Ua 




CjULaxil o JA ££ jjSI d^ail J^Ui £>a 4_ai.ua S.l&Lu_4 ,Jfr Jj - da II Ajlai 



LuJJ 



4JjJ-4.it /Jp lIiLLj La U) Sjj^j £jj^ Jri^ rj-^ ^JJJ ^^J' ^jMnnj 

. (j^j^l jij^ O^iL LjiUtll ^fl 6.V\*imj < AiA\\\ 



47 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



9II 4<>liu()l " eWI OUJ^I 



Microsoft Virtual Machine 



^ <^!jldl JJ%^ S^ <# tr**J ^ ^1 *^ H*%J « ***jii 
. ^JitoJI fUalll (jAk jll ^Ualll JtjSil ^ U til JaH]| QjaukLu^ V 3V 1 4aLuJI 

; ^j-ftAji) «^»Ujjli £jUJI aUaJll La) 4 ^jSjAaJL ^^uiLuiVI >UaIi! Ajauu ajj 1 ■■ 
jjjSJ .- ^"""JJ ' igffi^ ^ *UaUl ,Jfr .lajxj 4JV tilljj 4 ^-aA jil AlIaiSL ^auiiui 
JJLwu jj j>^l JbJj fJ jjfl 4 Jji^lj oaaiilj <>Vl UJ-aA' ^Lal±kluuV) <> 

; Lu^i 4j^J«* l,Oa (j\S ^yAAjil aUalil ' « w xjialuJ Aij^-ui <J£jj t AA^b 

.. Ljiuu CjSj ^ JjJa. ftlaj ftuulj 

. jjj^ilj \ il\ afrij 4 4 ag ait Ua-aljjj 4_u^^mJ| LuLsjIjus qajI^u \ fl La 
Jxj A ' iiiL uilJAVIj '"' 1 a) >4-,,,.Sf) ^ Jj>*il fLiJI *&la A^luKftil Xjjfllutfjj 

(^ ^jljUj^ J^W JJ^^^ J^jj { Tjifrtni ^^a 4 4IaL^1a]| AjUai] J>-ajIi 



!! J^l .%j djl^ IjSjlLu 4 UJa ^jSaJ! IjW jl V! 



48 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



. 4jjAa]1 ^fl cHJ^W O 3 ^ £j*^J^ (> £*Uj^t J*** 2 £^ 



mu 







. U^^^lEa tefefr) Gti£&$BSl£iD 




av i ate a^i^to itfjgfMiM) 



1 % Virtual PC Console 


3 Action Help 


New Virtual Machine Wizard , Mi 


[ New... ] 




Virtual Disk Wizard h| 

Option a 

Exit 






Stmt 






^j File h*«^" ' j^l 
New Virtual Wizard 



49 



Y% U 



4j«n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



Thra wizard helps you create and configure a new virtual madime 
c* add an esirsbng virtual machine to the Virtual PC Cwsole. 




< BsCl 



i 



New Virtual Machine Wizard 



Options 

ymi can create a mt* virtual machine or ackf art e»sting one to tfte Virtual PC CM SGle- 



Select on option: 

<*> create * virtual machine 

Th-s Dption guides you through the basic conf igurafcons necessary for creating a new virtual 
WKhme- 

Quse default settings to create a virtual machine 

You can automatically create a .vmc iiie with default settings. The resulting virtual machine will 
nut have * virtual hard disfc associated with it r so ytju will have to select one- using rj»e settings 
dialog. 

O^dd so easting virtual machine 

You can add a virtual machine to the Virtual PC Console from casting .vmc Iite& 



<Bgck Nam? 1 . | Cancel 



J&jj ^2* Next -lai-^aJ - t 
w V^tl ^UaJ Jib ^ j fUaJ 



joU. jA j t JjSfl j^pJI jHaj - V 



New Virtual Machine Wizard 



Virtual Machine Nam and Location 

The name you specify will appear pi the list ti virtual machine* in the Virtual PC Console. 



Type the name far tfte virtual machine file. Choose a name that will help you identify this virtual 
machine's hardware or software configuration or which operating system 4 will rp, The file is 
attsmnatically saved to tfie My Virtual Machines folder, To save it to a different location use the 
Browse button, 

Name and location: 



ft 



\ fl-owse,,, ] 



•-■ Bg r.r. \^r > Cancel 



^ jJ! fUalll Jak 0^ J^ - * 
^k- <| jjaj <>aj£ jLul! J*HJJ 



50 



t • n 






ijiiT^ntll dJ^VI 4J-A^J (JA\ Uflljl^t djjJ 



llMP.MUJi.itWI 



Operating System 

5*tcrt 1*1* opiating system you plan to install m this virtual «iathine r 



Selecting on operabig system here allows the wizard Co recommEnd appropriate setbngs for this 
virto»! machine, if the desired guest operating system is not listed; select an operating system that 
requires an equivalent orrount of memory or select OttieF. 

Qper9tH*g system^ 

Windows 9B 



MS-DOS 
WK wfaWi 95 

Wn-.Jo^iMi-l&nnium Edition L^ 
Windows NT Workstation 
VAnd(wS 20UU 
Windows XP 
OS/2 



Windows mt server 
Windows 2000 Server 
Windows Serw 2003 



Others j^V! jUiJ! jU£!j l^ 



pjimmiffliwyiBi 



Memory 

You can configure t>* RAH on this virtual marihiM, 



To improve the performance of this virtual machine end run more jj^icabons en its operating/ 
sy&em, increase the amount of ram allocated to it, to leave more raw for other virtual machines 
or your system, use the recommended RAN allocation. 

ReoofflfsteffltfriJ ram: im MB] 

Aifccate RAM for tins, virtual machine by: 

(*)Us!¥Hj (tie recommended RAM 

O Adjusting the RAM 



fe 



New Virtual Machine Wizard 



Virtual Hard Disk Options 

8**0*6 you cm, install an opera-tin^ s 
rising urlUal hard disk So it 



ft on this virtual machine, you must add a new or 



A virtual hard disk is a ,vhd file that is -stored on your physical hard disk and is used to contain the 
gtoest operating system, applicators, and data fUes- 

The first virtual hare disk yw create or select for your virtual machine is wiled Hard PlsJt i in 
Sewings and is the- startup disk. 

Do you wont to use: 
® An etfsting virtual hard disk 
O A new virtual hard disk 



^Etack K&m> j I Cancel 



L^^ii M ., ; w ; .i,uw^,,L 



Virtual Hard Disk Location : 

This wizard creates a dynamically expanding virtual hard disk with the specified ] fM 



Type a name for the new virtual hard disk. Unless you specify a different location, the 
virtual hard disk file will automatically be saved in the same location as the virtual 
machine configuration file. 

Name and location: 

I d: V^ly Virtual Machines\AboMossa ^New Virtual Machine Hard Disk.vhd I j Browse. . . 

Maximum virtual hard disk size: 130,557 MB ^ ■%, «y *Lj^J 

Virtual hard disk size: j LZOQCf j MJj 

To learn more about the different types of virtual hard disks, see^iC&l REiiela^UE^JjJ. 
advanced virtual hard disk options, use the Virtual Disk Wizard ^r -^ 



Adjusting the RAM 

JjV! jtpJ! dj^iu Uft _ V 



jjext? 



<Ba^ 



51 



t • n 






ijnT^n.ll dJ^VI 4J-A^J (JA\ Uflljl^t djjJ 





Completing the New Virtual Machine 
Wizard 

YcLihjve Eureessful.y completed the Hew Virtual Machine Wzaro. 
Youf virtual machin* will be elated with the following attribute*; 

llnm^: tfr.n9g: 

Memory: 64 Ma 

Virtual hard disk: ¥pt_w98 J Y*td 



To ctose the wizard and create IftfcS virtue! machine, cUck Fin =h. 



setfaiva 
i_fr R3# Name 



■* Hard Disk 2 
•*» Hard Disk 3 
» Undo disks 
"^ CO/QVD Dme 
U FfeiW tttsk 

Jjf CQM1 

■ ccwa 

^Networking 

' Sound 

tg Mouse 

Cl Shared Folders 

•^ Display 

Close 



Current Value 
wenfffl 

:;;■■; 

Nana 

□cabled 

Secondary reolroller 

A'jto detected 

I: "";■"■ 

!;:•■;..■ 

Network adapters:l 

Enabled 

l-fa painter jrategration 

Mot Installed 

[re-fault 

Sin-.-, ni.?-.r,?,r,r 



Owone 

',*) Virtual hard disfc file: 



Er\vpc:_w98.vtwt 



| Browse.,, 
Ta create a new virtual disk Dr edit an existing 

cn*, dick: the virtual Disk wijaro bonon. 



| Virtual Dtak Wizard | 



Hard dtSk i Jitlw virtual mae*inifl , s,*i3rny& disk. 



1 QIC j [ Cancel j 



*t$j£U Finish Ja L iaS ^ - H 



Settings jj ^ ^a*^ 



H Virtue. n C Console 



New Wrtial Madihe 
Notrixiring 



7 



■U^j Start 



Hew,,, 



Settings 



Reno^e 




Start 



Start jj ■k«^aj - > > 
U jl&) ^ ^31! fcVl J* &fi>. J^2 ji 



52 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



J^ Jjl jU12j £ASV1 aUU*) j£U Bios Setup J\ Jj^» Jj^ Ujju 

^jlaJ ^11 AJIjkutf! jUi2 ^2* <iitij DVD > A3f IjL ^LuAjJl *fr! 1^2 
Ultra ISO 4-a-u.lj * U tJafr l^J diJa. jl li^V l^LuJ AijU^I CJU!jku»VI 



1 Windows 7 Ultimate - Windows Virtual PC 



Action ■*■ USB W Tools * Ctrl+Alt+Del 



Main Aduanced Pouer 



Bins SETUP UTILITY 

Security Exit 



K Hard Disk Driues 
K Floppy Driues 
► CDBOM Driues 



L 



Windows 7 Ultimate - Windows Virtual P 



Action * USB * Tools ▼ Ctrl+Alt+Del 

lootl 




5*11*11 4*ji <> Del j F2 j j 2^" 

Bios Setup J\ J^ J* A&j 

Sic! jjij ^Ltfdl ^aJj ^ jifl 

^jijii (|jj J^ <> c^> ^ Boot 

CDROM jA jl^ Jjl J«J u-aSUi! j 



- 

Windows 7 Ultimate - Windows Virtual F 



BIOS SETUP UTILITY 
Main Aduanced Pouer Boot Security 



^ 



Exit Discarding Changes 
Load Optinal Defaults 



71 Windows 7 Ultimate - Windows Virtual PC I 



Action w USB *r Tools * Ctrl + Alt+Del 




Exit LdA J\ U Jju u*^ - ^ i 
**ji <> F10 jj ^ ^*^b yH\ 

l^-uij JJL&i tfvi ^ Enter 

/- . ij^aJ) »UaIl| .-...V. jiu a 



53 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



^Jaill Cjjjjjj £j*il| 4jL»xJ J-uaial) jjJ^I S^Aluw jJaluij jjSi CJUjk^ 
qa Lai t (j-uj^il (jj*iJ ami) '•*'■*-"' SjjA^Dj dj^aSLi r^ii jAj ( J^L^iL (_j-aA j\\ 

jjjLjj (j^L^j) (_>jjj^) '"^* w ^v «iii Jj * j — ^ (j »'*;"■' a1aI£ s jj^i) j^a. 



. ^ j S CuLt* jj-iJJjj i Ji£* _S <^j (j^l jj^ljj Jjfc&i gJa 









,i^|j cjflj ^ (^ j fUaJ <> JS) Jj»-uij £jkl 



jk\ j ^UaJ £jj <> 3Jj$-uj JSj JiH]) ^Jaj 



. j^) ^UaJ ^ dj)jALu») x-4 &Uaj ^) jC- CltJjjJV) J<^ tuaj) xJaj 



. Aljjla ^> j^L ^ jllj t^AaJ) jj^jil Oa CjUU]) JAJ ^Jal 



^s^bJi ^ itej*i A* ^ ji) jl^i j* u.jbai) uiv) ^ ^ 



. flauil JiaSfl Jjjkll JA Aj)^i) ^ SjjaJ) c_jLu^t£ 

La ^Jaili ,j<4 (jLajlui ^j^) J*J Sj-*-2 jjS t f Ua^VI (j* 4 J^ ^J ' ^ai' J J^' 



<&) f&flj 
f l&J IouijV ^.Lvj ^jij Jii Cxm^ 1 il )j& J) 



54 



Y% U 



4j^^nill S j^aVI *M-a^j 0-«i (-i)jj^) SjjJ 



CjlAjjniJ| :: iJli^LzJI (JlJjal| 



M-i-^liW^IJ^I^I 



> <&! Jju <> JJatf! ^ oAiM 4ku<ljj CJJjjj*VI ^ Ujt&iJ! fj AJIjku*) 
t iii£>£I!j JljflVl 4a.! jj t^Ill <^l JSlAftl! ^! &a 4&&A Ja. ^ * Ja.j 

(iLjMi U) £)£] t <_uJ_aJ! ^ j^^ilu Ja-a «jfl jjfr ^Vl uiuilaJl 4JLu^ J^a 

( J I J— Utjj V >£&A 

JLa-4 ^i djJaj ^1 CJljjkil] Ujj ^aLuia Jluu I g *nVi ^jjj * jjjJjtgJl £±&1 

t^jaij * (jj^\ & ' ft^J 4Jljku«l Ja <# ' J^ >Ja>lyiS JalSll £>£!! Ui 
*. Jfll ""'j Jj t dujUJVI Jib <ji*jil (j* 4 ^-^ ^ Sj£*-a CjIajjJuj t 4jjla4 




55 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



iUj LQjJ n* u :: c£sjUI £pJ 



QjAui Jluu CjU^>jj]| o JA Ja^lL U^uu ^luilj JjSfl * Jail jjJjfl 4^-jJ <ilUA 

CJULuil S^Uj tfrJjL&j £uia jJU! gfe&lt jfr djlfa. ^ £au2 * ^ULud ^UU 

Driver Checker Database g^ji ^^ 4&»lj 



Jt Driver Checker 



* 



J^AbOLit 



E 



Update 



Found 1 9 driver and software update(s) 



STEP 2 OF 3 



© 2 © 



||-J Back up 



Ot 



Unfnstall 



a 



Export 



J>-| History 

Options 

!fe^ Submit 



Outdated Drivers (19) 
Updated Drivers (59) 



Outdated 9 oftware (0) 
Updated 9 of tware (75) 











All Items 


Outdated Items 




Item Name 


Company 


Version 


I 


New Version 


Option 




gS(7)lDE ATA/ATAPI co... 




















(71 Intel(R) ICH9M-E/M 9ATA A... 


Intel 


9.7.0.1007 




9.9.2.1002 


a ** 




<f |v 1 Sound, video and g... 














H71 Realtek High Definition Audio 


Realtek 9emic... 


9.0.1.5794 




9.0.1.9029 


a «* 




?<*[•] Universal Serial Bu... 

\7] Intel(R) ICH9 Family U9B Uni... 


Microsoft 


6.0.6002.19005 




8.3.1.1011 


a %# 






PI Intel(R) ICH9 Family U9B Uni... 


Microsoft 


9.0.9002.19005 




8.3.1.1011 


a <*# 




[7] Intel(R) ICH9 Family U9B Uni... 


Microsoft 


9.0.9002.19005 




9.3.1.1011 


£5 iw 


- 



Driver Genius 



si -J Driver Genius Professional Edition 



e Action Tools Help 




Driver Download Manager 

16 drivers in 4- driver packages are available 








Driver Package Name 


# of Drivers 


Status 


Percent 


Size 


O Realtek GbE &l FE Ethernet PCI-E NIC ... 
£y NVIDIA Display Drivers 
^^1 Intel Chipset Device Software 
.. Realtek S136 E16B B169 Ethernet Drivers 


1 
1 
13 

1 


Downloadi.. 
Installed 


0% 

2(JS% 
10O% 


bytes 
bytes 
2.4S MB 
5.3S MB 










► 



Intel Chipset Device Software (Includes 13 drivers) 

Driver Date: 01/13/2009 

Driver Version: 9.1.0.1012 

File Name: intel_inf_9-101012.zip 

Lo cati o n : C :\U s ers'vAd mini strato r\Do cu m ents\Dri verG en i u s\Down loads 

iQ) View details 

$||' Delete 



Stop 



H 



C 



Download All 



56 



Y% U 



4j^^nill S j^aVI *M-a^j 0-«i (-i)jj^) SjjJ 



[p[J| ^Ato-U| 091S J |)uaLiiJ| <jijj&I| 



Mozilla FireFox 



£aj ; tliJjIJVI w a\4-., ,.a Aijfr ^Luala >Alj A^-uat ,jVI Jf^J ' 4^ VI uiuiIaJ) 
^fl J-JaflSfl jjjju 4JI V) 4 V^"* ^J '"' US '""'^ 6* J^ ^ £^» oiUl} 4Ji 

. <Liuit Lu <1J1a qA^jJI y^jjA jA ^> £^ajJ t^ljil JjJaJl 

2011 ^ jpj j^ <> M-^V 1 di *J 



2011 


Internet 
Explorer 


Firefox 


Chrome 


Safari 


Opera 


January 


26.6 % 


42.8% 


23.8% 


4.0% 


2.5% 



Internet Download Manager -* **-}j^j J*a*21I SjbV g^Ujjj 
/http ://www.mozillaxom/ar/firef ox £*j^<J!v*^ 

^SJj t v Uil) ^ J J Ai^J jlA^aVI uiilkj JS bula < Jj*>dl jt^Vt J^Jj 




iJLaJI 



Ctrl+Shift+D ...*i^iAu JS/jI^ 
Ctrl+Shift+B ...oliriJUdl joiij 

Li_L>/)lajaJl[^J 



X 


c - 




most sites | NewTech 


m 


,.HtH»TOMad<E 




*. 



57 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



- ^1^ istiLel :: ^a^^il claTiaJl 



Google rvljj 



I https : //addons . mozilla . org/5:' /fretox/extensions/bookmarks/ 



..Google u5i«ai £;J Browser Statistics /-/.V ...jl #s% How TO Hack Q How TO Q Google ^jo diu>jaJ I ^J &£i£^ -^5:^°... j_J ...dlol^ 



..LollaJl .f.jj ...Browser Statis- ...Microsoft virtu *^ ....sitetmediafire ^/J ...users of windo *^ ...,site:mediafire *.j| ...<^ci -dr web *^ 



Firefox 



T _=-^ : ^i~^ Register or Login 



FEATURES MOBILE ADD-ONS 




»>h iMSJi < CtfUSrf < _ 



4Jt ^^aJl {-jLa3L*J) 



iMacros for Firefox 

by iOpus 



Smart Bookmarks Bar 

by Rem y Jute a u 



Featured Add-ons 
is.gd Creator 

by posts pectacular 






: ljLujjI S-lxJ CjtiLuaVi U^i Jjo^l A^J Cjlilua^U cr uajjll ^J-^i jA lift 

..Ujtf 

jjJu jjjj (jiajuili t ^A<-v-i,,.At) Jjljji c-iruA pjlufl c£J^' (-i)JAVI W 

JalHi! jl ^Ua.>ll -S CJliUa! Jjjj >! j 4 4-uiJ giyaUb 4-uatiJl CjUUaJl 

PDF 4xi*-aj ^I^aII CjUi^a <ji*j Jaia. jjjj jl) j * g3t jaU jj^a 

(JiwIja.VI jjS^JI JjS <> ~u *.,.,*. jg L^J^ t jSj^I Lfo&Jj V <^l CJliLaVI <> 

<^U* Jl^j o-UJ! <*.iiJ ci^ ^illj ^&i&! JjSl^i! (> u& CJliUbV! v&! 
. £.J^ jl Donations jj J^ <> ^ 'j^ ^ J J^^ jl 

ui&f jl Vj l+lu Lufi CJliLiVI AjLuujj * SjaJj AiUa! Cjjjjj AjL* £j*i ^ui 

NoScript <> ^ *^! Jji 

JUIaSfl o*jk- £^ J^ « H 1 ^ 1 tii* JSU^aH ciVi CJlia CjK Jfl AiLbVI ft^A 



58 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



^fl 1.1a. A^a <^Aj i ^iuajli ^jU jlda. AifLu 4£tuaVI o JA jL ^ ja,i Jl£t 4 ^J 

^ L4] UUS JjUx* cjliL^V! <A ciuiSj NoScript 4i^V j ^ J> 



(jji£j£jjl£ij AJJj-a Jab ^^uijll (JJliLuaV) £$>»J cj&Ij 



Firefox 



FEATURES 



T c*j^ *r*^ Register or Log in 



c 



No Script 




NoScript AiL^V 1 ^ v^ 

Showing 1 - 20 of 29 results for No Script 



•uj^ji s^ij 1 Updated c*»$t 



^Addt + 



reviews 991 

weekly downloads 244-604 



NoScript f&k 

Giorgio Maone Hw' 



by Giorg 



±&m A^iual i-i&V; ^ ^t ^ ^iaJL^ 



The best security you can get in a web browser! 
Allow active content to run only from sites you trust, 
a^groteet yourself against XSS and Clickjacking 

.attacks 



Support this add-on: Contribute US£ 15>0G 



:: fc£"fS 



. Jjlfli^ ,jJ-& ^>L?>r '"-■v= -1 ^U \$-lm* *±n (addons , mozilla , org) ^s^joJ I l_kil £ijo lt-^Qj-* ^ 



59 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



( 2—4^1 ) 4_k vj^»J l^W >^ >-M ^ J jjil J& JaL2aJ 



Firefox 



j^ 1 ^ 



Regh 






JoJkS jb$j iSJJ iylJl o-Mi-'i^JI u-^ Oj I -1*0-11 olsLaill ^J 




\ jO U I •. . -r . g 1 1 i ' 1 1 j j v _-i - ft . . 1 1* - - 



/addons . mozilla . org/firefox/downloads/latiest;^ Z/addon -72 2-latest. xpi ?src =search 



® 



& li 




■uyickls 


£j| 












60 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



SCRIPT>: 7 | <OBJECT>: 0> J i°n->5r a ^n.-.iv. J <c,..n <g( 



^.ODUJJ Jiii www.google.ps... 







(^jjal ja&J JUiL^r J"^ i^j OLjj^ i dill ^Lo^JI S 






googleps yjo ^lo-ujI S 



Ll^c goog/erps ,>d ^jdlll./ ^tj 



JjJLuU LJJ^J 6 r^Uil <JA J^ l4j|j Ajlijiti i &JJLUL4 J^j £§Jja UI^J |jj ui 
^Siij < AijJJ.4 JJxil XSlj^Ilj 6 AijJJ^Il X2lj^il Aij3L4 *JJ uL£ tjLA <JJ4J*liu4j 

CaJIp CjjjSjVI J*^ t-ii£j AjuIj Ajjl^ut Sjb) U jjjIuj ajSj du^ 4 ( fl/tt ^-aII^ 

Sjl£r UfLuul ajj ^^ij ^JJ^ 4 J^ fUa^Vlj < j ^1 J£Lula qa USLk Uitj 

dip. 4 f Ud\ <> j&\ f^ ^ Ij^^Vn ^ £#*l\j jjSlfJI JUIaj JjS <> 
A^iljj^l ^Ulbj Cjjj^jVI ^4^1ul4 jULual aIxj ^fl Jij^l CjI^LuJI J^UXGJ 
CjjJjJI £j*aaj 4 3 j i ^Hiti ^l^ J&j ffate* (ji tHiVit b ^Lull jj ^AJjJ^jj 
AjuULa jl JjjJI cPtu^j £lL^j jl t CjljJbkAlt Cj^^uj Sfljd ^fl J^J^^ 



61 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 






wot :: <&2$\ f^l 



Web of Trust - Safe Browsing Tool 

U 



wot 



+ 

wot 



Search Results 

Showing 1 - 9 of 9 results for wot 



irf^' a-iJ 1 Updated ics**$I 



Featured 



reviews 71 5 •' 
weekly downloads 114-334 



1 



AiUaVI Cuutf U iaxJaj IxJa 



Web of Trust - Safe Browsing Tool |^ 

by WOT Services %» 

Would you like to know which websites you can 

trust? The Web of Trust (WOT( add-on is a safe 

surfing tool for your browser. Traffic-light rating 

symbols show which websites you can trust when 

you search shop and surf on the Web 



62 



0Guide | Settings 



won 



a] a 






userstyle5.org 



Register now 



WOT rating 
Trustworthiness 

MUftO 

Vendor reliability: 

MUftO 

Privacy 

uiuo 

Child safety: 

AMMO 



View scorecard for rating details. 

Add your comment. 

My activity score 
Improve vour activity score by rating new sites. 



The 2011 About. corn's Readers' Choice Awards are on: Please 

cast your vote for WOT in the Best Privacy / Security Add-On 

(category 



Y% U 



*h<n^niil Sj^Vt ^La^j u-ai uilji^l SjjJ 



:; <^jVLj £JI>4ll CtfLa. fl mhn j oapJj l ljVitj i n 

. ^ <J>4j*j jfi** fib* Excellent 
. Jal *Uj*L ££Ij <>) 4JI ^je- <Uu£j ^ £Jj^ Good 



.. 4^j^£ jlj^ll ^j^H ^Ic 4^LuJt »4b CJjfla IJ! Ui 



tjl Rating details 






.WOT Warming: " ■:■ *re " ?■:■ ? poor reputation ( 




JU 




► FrceUpYourPCNow! 




Li 
Fixexeproblems 


WARNING! 


T— -t Advonced 
PC Tweaker 


Advanced PC Tweaker 1 


:4.95 


iJ Exe File Library 


This site has a poor reputation, 

fixexeproblems. com 
I View rating details and comments 




^) Trustworthiness Very poor 
Q) Vendor reliability Very poor 
^} Privacy Very poor 
Q Child safety Very poor 

This site is safe - I want to rate it Ignore warning and go to the site ^ 


x All These Problems 






WOT 

WEB OF TRUST 







LinkExtend :: ^^aVi H 
LinkExtend - Safety, KidSafe, Site Tools 



63 



4j<n^niN Sj^Vt ^a^j u-^i uilji^l SjjJ 






.**Cl3'@* T ^af^c T P|g|^k T @ T @ -Search^ j 



. LJBfc£xft;n j 



CjULu oJC-li (j^aij Jj t ajjAj ,J& Xaj«j V *UUJI I^A ^ jAj t 4 a fl - <aj &jj 



JF-*qb 




: : chVI ,>iW ;-" jlaa. 4JI ^I& < aiua^ xflj-*i Jj^t .iJc- 

- © - Search^] ' j - LJlfcfcXlfclii 



/ SiteTraffic ' PageRank 



Safety Status-. High Risk | Safety Status: High Risk [d ■:£§ ..ftafl JiB^ 



Web of Trust Status: High Risk© 

Site Advisor Status: High Risk© 

Browser Defender Status: Unknown j^ 

Web Security Guard Status: Unknown * 

Norton Status: Unknown | 

Compete Status: Unknown ^ 

Google Safe Browsing Status: Unknown t- 



WOT Warning: This site has a poor reputation jQ 




*1\ja1\ <jP (jf\°\\ <nV) AJouiIjj ^Sj-^t xLa aj ^ <5 jj La£j 



£* ^ftiiu o* L^u c iiUi ji ji r ^ r ^ui ^ Ajuk jjn ^ ijj 3V1 

JjVI dUj£i Ufl c (iluij 4jU* ^ ^SjjA jjkjj ^^ Up £^tj CjtjjkUt 
Jl£j Jjlla jjJ ^Ujk«il 4Jau ^III Ajjjx^I ^IjaI! ^j^a«o du^ * Ulau (Ji\ 



64 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



ttfff Uia 

• • • • • 13 

^ua j^ijjj ^j#^ *jj^ u' j^j' ^* '"'^**' ; ")j *— lUsit IjSj (j-* ^ ' ^jj^ 

L^jj^aU^j 4 ^al\j J^aJl JjSfr jjfr jaLuiaII * l-il! lib <> ASliVi J& 4jjj*^ 

AjkJl j£ AaJalla j jjjlaiilj a]*1] /ju*i Aliljla *j laaj ^JlxS! 4 <L^Li. 43jjj J^b 

!!!!! V fi < JjAla £>b>»il lib JA ^ jS4j <>jj t V-^V 1 

.. V f i Ij2 I42L&I ^31! 4-ajk^l ^i 
fl*j V Uj ^Icj * ffc &\ ±*L> £jj * 4jjj*]| CjLj^a]) ^ Jljlall ^Uil >»jj 

^iaa ^k JjU ^J>i^ ^^Ljj V La] SJaIj AjjjI Ajauxa. *iSUA ^l£ £) 
^Jjj] PjjAa Ubl^^l /*1ajj V La] ; ^L^l ^jllj alj Ct^j^A ( JJl\ CJljLuailuiVI 

dlJ jjC-j fLiacVI CJlJC-Lu^j CJ|jLuilu«VI ^Luil ^ f!c jj ^bj ^±aJ V UJ 



65 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



JJJ 1§|J| : gjlwJ| oujal| 



M| 9 ^lAlol| 8 M 






■ "i "i a 






Extensions £A*\&ti\ J5U <> cijju 
:: him i*i\ll\ SI j^uk g-aUjj </! 



X "' c i 



aiiii-jL j*h 



jJllLij £jj ( flUti jmiI ii(l 3|F- 



i-iicJl 



AboMossa.hmh 



&aI>JI 



IFooct Reader 4.1, Best Reader for Everyday Use 

Internet Explorer '^ 

jetAudio ffi 

Media Player Classic {*§] 

Media Player Qassic - Home Cinema £j] 

Microsoft Office Picture Manager [^] 

Microsoft Office Word ^ r 

Notepadi 



:uL£M Je £_g-U' liflJ ^- K ^" - ' i-jj" i^Jl Jl^jJI t T i^l 



uliloJ! J^e J_gJJ! lib £JiJ "Uj^ ^jacJI £*L^J! ,-'^" ■■■' |Vf 






jAl *l*]j J^ 



66 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



hmh Jl-^l fUi llil LUU! 

4&tf <^1 j! ±S&jftS j! tta3U! j!U <> CAHaII £ljj| ^ JjL L^j! AJIj 

extension -II <| J^Jc 

. AjJa< y|jj djLwul 




Medialnfo 
. . .TeraCopy 



Scan selected files with AntiVir 
■ , , Li^._4u A5Lij § 
''pass . rar " ,_sJ [ u^Li L ^ 



■ cJ [ tJ L^jl 









, ^j'La> 



^aj cjUIa jij^u^ ^L AajA ^jlaluij Ulilj Notepad <j-*^ jj^j^ £■* 



67 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 






botnet 9r ' 


OLOjl -bV 1 




q 1 .n ftj 1 t>3>E _M?^ ^-£ 


, , , iJ L-aftJ 1 q^jJr ■ Lf aljS'l ,5J>M djkj^ 4 j JJ j 
, , .JLortJI fli+ji t^JjSl ■JjJoQkj JLiiAII £L 


J * ^*H© 


...ijiJljJ 


D:^otnett3 


u'k^ 


■ ■ ■ -tLtaJ 1 OljL> 


cHjJmJI 


Unreaiircd.rar^g 
unrealircd.conf.rar |§ 
RxBot+CyberBOT.rar§ 
pass, tat (J 


* 




d film. pics (DO ^ 
SRECYCLE.BIN £=) 

6 £2) s 

botnet & B 



.. AJUil i*tf]t j^a * ( 4**fl ^ijbi ) fi <>j 



X " T ' 



ii>flJI «il -Lii 



r 



JLa*l J^wlft^ !'wlilcJi£i>: j*J= r lc 



; ^i .^s irtp^" n" jCJI ^^i 4JLjjft ■Jkr' 6 " : *'^P' 



|Clib<wi! isiii J^jj^sJ" Dilclj iJ!ii»iflJl isli jOC j—jfli" 



Hi 



:£c^c -ililifi 



^SfljStfril wLAJqJi f ! jij, w LiitJI OLi^hlc c\£>[ 






"( y n v , -e j so*fr. J , - ■ ■ -^>a- _'J^6 g»5>. ; 

J^»iJI J-syyl' ii *L LJI wlii*cJI Cljl^l cblaU □ 

OiyiL 4bj«cJl j= B^iloJi NTFS cliic jl^[ ^ 

g£J ^-a— >dLf j -±k*JJ jJLlc i-Lsj j-^*' [?l 



wUiijIS^i Eiisl^i . 



^.eJeJL 



^sijc 



68 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



( 4ijj*uJI CjUIaII £l j& CjUIaJI Cjllala f till ) fUl <> ^uall 4^£te Jjjj 



0000 f i mm at 



1024x768 liLaA'l 



0000 png 
313 png 
32132 png 
Ava Find exe 
e5terq. blogspot.com 2010-11-12 5-19 png 
e5terq.blogspot.com 2010-11-13 4-36 png 
e5terq.blogspot.com 2010-11-13 4-52 png 
e5terq.blogspot.com 2010-11-14 5-30 png 
L3l>i>y Is ^jrLojd I iJI>l>I- png 
tag: h 



TTTLI 
TITLE 



ul£LC 



VISTA doc 



XP 



;txti 



E.GIF 



a 
a 
@ 

s 

■ - 

i 
i 



png. 



L-igju^mpL^Jl 



doci 



Buffer OverFlow :: SjiSIl f^< 
J&Sf ^»UjJ! pj Jc I J&\ (J& <>*j * ^>lj^l >£t U>j 4jUa* Sj*j ^j 

??.. CJliUi! £!jJ! 4ij** UjJj ■■■ ! jU <J ^Jl 
4$aI^» ^S 3 j < ^nil l SjJaI) jJjki ^fl (iHljka. JjIjLj (iSjjaa*- j£Sj 3 hint; 1 1 



69 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



4 jjj^l JLI4] ^UbJ jjA^I CjUIa 

. V - ^^' £*b^' ^^ J* J Exe 
# ^iij^l cjLiLJ, j|Hal ja j Scr 

^Uaj Jjl o*j«^ ^ ^Vmn Cut* £ta!jj CjUIj1»I I^^j- ^ j Pif , bat , com 



*>«! 



CJjjlui <iUu Jljajfl Jj£ JJL&I JlJlal Vbs 

jm c»U *\**\ jA j Shs 

Jjaajj Ajfl qA^jxaII 7Uuu ^2j-4 O* 4 J**^ V /P*-*J ' ^-abtll xSIjaII (Ja «-aljjil 

. ffj ^-aliJl CJL-jjjiil 

. jSljJl £jj JJjiiil O-jJ > J cHJ^I ^ <> ^aSJ! * jail U*ijj ! JA j 

UjJI ,Je- Ailua^l! xSjIjaII ^4 liuuiJI AjLaa. ^ i_y&j£ji\ll\ LUJaIumI Ui! ftja-ufl 

IJAj t (ilij jj& jl CjLujII jjc jl ^jjjSII Jjjj AJU-jj Lai f $* l ^ 6^ 2^'>> 

^)>a <> ^Ijjj SJC (ilUA 0' O^ 1 ^ f-JaJt I^A ^ V^l IJA JjUlLuu t^ 

. CujjjVI 



70 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



/http ://www.download.com 
/http ://www.softpedia.com 

JLp&l uite ^ * 1j* jjLua Jjjfi JjS <> V! <-*\j&2\ & V O^J f^Ja £*>• 

£)* £J>uJl ^JJ^I <-*>^ fcS^I L«J^ A$jkuuljJ <XJ tjUwJl &a 3 frljntj AC^ASy* 

:: Sjj^la 4jjj& £$!>* _£ cjU^VI Jc Li-Jail J5U. 

/http ://myegy.com 
/http ://www.arabseed.com 
/http ://www.arablionz.com 

g-ljJl ^k- #£ jAs2il ^ V jj^J! Ou6U tJUil ^i >Aj * jj£l\ ^jjc-j 

J^lj aI^jI qaS& ^ &£l£ ^«^' V l*jla ' Slj^Jl (£<**■*$ <U^Ia <Uj.l4 jl *3>« 
Ij^J* Lfc^J ' LfcKJ-^ U-ali^Sfl <> ^>JJ^I f&t <> 0j% cJ ^ <&&& <> 

<> Aj>i!j Jj>i! >15J jj%N Jjj Sbi ti,y6Uj Ija^ajj * jJui! Jj3 <>*aii! 
£*!jJ! o^si J> ^i la^t ^ji! 4aj2j 4 0^J^» l^ cAU ^31! A^Jl 



71 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 










^JLSJI A^> yjft Jill 



/e 5tErq.bloqspot.com/201D/ll/blcxnMst 10. html 



Aiui JljSL 4ajj».1a £j£j .£ £a!jj Jc ^ jiaj Jfl £$>aII I JA £ji ^jC- ^f^ 



httpi//e5terq. aL^I ^j http:// J*j t« JjSf! ^! 
blogspot.com/; ^^j -^ £^| / jjij u ^Ifill *y£lt 

Jja-aj l^bH £>* ufljJLu t AiilA (IjULu SJC-li LL-iI jjSltui t Uuii Lumi l&Ja 
f jL ^ j$£ BlogSpot ^ Ui t V f ! >1 ^SjJ jjIj ^SjaI! I ja Ja jkU! 

. 4JjAa OjjL» So , ^ jj£| 

V >l 4jJL*»a CiLiAua <L»Jai *.& Ja <_£ jjj ^J-aJ) J^^JJ ' *§Ij-a3I (jJjLi£ iaj>ui 
,JI Laj Jfljfl jj£ CjLa-Luait <La^jjj xSaaII (jfr J^l ''"^^) xjjalmj JjjaUj t 
i_ic-l ji jSJib jjAa. ' (illj jl £$jaII IJA CJU^a. jC J&t ^ J^aj ^ia. t <ilIJ 
U j^ 0- j$S! AjJjW! Ailil LLiu Lift 6jAjj-V £*!>» yk 4*aM ^\jA\ 
(jjJl £A*L Up^j SJj±> ^kJa CJU^k f.& JJl\ ^!j^1 <> j£l\ <iIUA 

«A JJ& 4 <b<u( a Jl a 4_uxuaSl a 4ajLLUl£ 

(>> UjjC- jl jjjjj jj djj o - ^' 4^ t^J^" t^J Jc-^i ^tir < * ^-al 

v i jiij^i .ill; j-duj ^j^i ljL£1\ jc jjjbii AijU^i aj&ul^vi ^Sij^i 

,-.UtU-.t)j AjjjxII «JLua^il ^C-Jj 4-UJ& ^l>a f LiJI uii^j ^IjaII dJA 4ajilla 



72 



Y% U 



4j<n^niN Sj^Vt ^-a^j u-ai uilji^l SjjJ 



UaJ| ojioaJ : o«UJ| oujaJ| 



^1 ( S.Vn jj J^^u ^2 jl (^n^j -U^-4 *UaI]| £uaj jA t ^Uallt \, <A ^*y ^n\j 
fclalui) la jJ2 ^UjIjuJI L.iuuj JjIai ^jjjJ&Ij 4 <jVI nJajlui CjIjj u&H\ UJa 

t 4l\J&\ j! {MaSto tf*±>. 4j>1L*\ <> t-*J* 0i J ' M* J^j JlfaJl fl^ •'; 

DeepFreeze </***} £*U>* ik*-! jj ^Ualil jj^j ^l 

AjluaVl Sj>ua]L AjIbJ! Sj^uai! AJjtia f£ 4jlf* Jjx^u SjIc) jjflj ' 4j]bJ! 



<LaK f LuuL <ili KAuiiui «-aUjjil IJA ^jJs-aJ < J 1 fra U f JJ-1* £"£ I \\ t dIJ xjla 



LuU 



££, (iliLuij ^llla ^itLb A "*' A '^^ l^ Jri^*^' AijlA-a Jja-ajj t Ai 4 nt a jjj^ 
Sjjxil aj >ila a) Ijj '"'j;'^ Uflj-a 4£l£j| ^a (j^" LT^" UV"^ '.'?„' J JJ>*^' ^-*^ 
Aulac JaLuu j! uifljj S^Ji J JJLwu]! SjLc! c_iaj ££lj i Jxa^lil 4JUJ 

«.. ^-aUj^l !^ ^^uii! <iLlj La :: ^IjJI J!>J! 

j^biij jfcai V^ <A '^j (^ J^Jji' J^=^ &*i g-Ujrf« »^ 

JJLwui! ItiLUji ia&£ j^i » jVI tiK j-a! 4JI jlL 4J^ t <LuiJ 4jLa^ 4jjU-aj jjLu 

Jcliili QjtJ^ (>aj«jj 0^ 4^ (# J*^ ^?-J 6^ 6^J * (lM ^ ^^ J^ J J*^ 

.. ^UojjI d^o £ul£ LI 4-uijjIaII ^iuSI ^a 



73 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



*1 ^luii (J^Ia J^-uu djl^ AilVmtj i^V /J-*j| Vj < 41jm 4jUp iaAfi r-jJiLui 



DeepFreeze Q^ji £q£ 




Welcome to Deep Freeze Standard Installation 

Your workstation will restart after the installation is complete. 

The Deep Freeze installer is also used to uninstall Deep Freeze; the 
installer will automatically detect if Deep Freeze is installed and 
present the Uninstall option. 

NOTE: Deep Freeze can only be uninstalled if the workstation is in 
a Thawed state. 



If you experience problems with the installation, operation or have 
any questions about this version of Deep Freeze r please contact 
Technical Support at: 

Toll-free: (800) 943-5422 

International: +1 (604] 637-3333 

Ema il: su p p o rt@fa ro n ics, co m 

We b : ww w.fa ron ics. co my 1 su p p o rt 

© 1999-2Q09 Faronics Corporation. All rights reserved. 



[x3Zj &53JBHU763 




Next> 




Cancel 



a! ^»Ujj ^U Next M 3 



End -User License Agreement 



Deep Freeze Master Software License Agreement 

© 1999-2009 Faronics Corporation. All rights reserved. 

LICENSE GRANT: Faronics hereby grants the Licensee a limited r non-exclusive license to install r 
use, access r display, run r or otherwise interact with ("Use") the Product on a computer. In no 
circumstances shall the Licensee be permitted to Use the Product on a number of computers 
exceeding the number of Licensed Computers set out above. Additionally, the Licensee may make 
copies of the software component of the Product to a maximum number not exceeding the 
number of Licensed Computers, to be held as archival copies and only to be Used by the Licensee 
in the event of the loss of the copy then in Use. All other rights are expressly reserved by Faronics. 

REPRESENTATIONS OF LICENSEE: The Licensee represents that it has obtained all necessary 
consent and authority for the importation and use of the Product in the jurisdiction in which the 



f* |l accept the terms in the License Agreement.! 

r" I do not accept the terms in the License Agreement. 



<Back 



Next> 



Cancel 



74 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 







License Key 



N KQ 7 KD4 E-M TRZ4 60 6 -6 N TTCAFX-Z4 ttf S WN4 -ZS 65B H4 3f 
Use Evaluation 




Next> 




jijxj ^uiij ^2J| ^Slj^l ^i^j (> DeepFreeze S-*^ J^ 4 ^ p ^ ^j S^l& 



Next ia^aj U jxjj License Kei 



Frozen Drives Configuration 



Select the drives to be Frozen {protected by Deep Freeze). The boot drive must 
always be Frozen. 



f ro Bc n Volume 



El 
El 
El 
El 
El 



Size 



Free Space 



C: 
D: 
E: 
F: 
G: 



39997 MB 
100006 MB 
100006 MB 
176911MB 

60016 MB 



247163 MB 

5657 MB 

4755 MB 

11664 MB 

1 1493 MB 




75 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 






Ctrl+Shift+Alt+F6 



Deep Freeze Standard 



Status 



® Boot Frozen 

O Boot Thawed on Newt 

o 




Jjj>jLj ^uajl 



Boot Thawed , 



u\ (Jiiji 



Clone (Imaging) Options 



Set Clone Flag 



License 



:•::• :••:• :••:• :••:• :••:• :••:• :••:• :••:• :••:• :••:••! 



License Key: 

License Key Type: Full (Licensed) 

E wpiry D ate: N ever E wpires 



FD4BEFV0DQHH1PttQCRZ 



Edit 



Update License 



Jji^i ifr I j GWiPV! M±\ 



V7.00.020.31 72 



OK 



Cancel 



§ 



Apply and Reboot 



djjc- jl I JA ^»Ujj]| Cjljl^al <ji*j ^fl jj^' <Si* (> f^' "V^ c*^ f 2 

. <Uc jUifrVI jl Ajjjjj .ite JjJ^i! jiaJ! j^ji ! Ji 



76 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



U^jISj 



• ^ ^V. al a I I ^^ in aI 



< 4j <JaJj Jfl ^311 jkiydl ^li <> AjjU* £mJ! uialua jfijj U Jjj! <> J*J 

!!.. {j nntVll l jIaLi-4]| oJA Jjlj 

J gjKinn j3 <A\ o-U]) LJjfll ^ jl 6jU £b fkj jA J f^ tf ^\ fe^^J V 

. L&tu, <iljau Vj il> 4-ualiJ! <Udlj&L duau j! dJAluu 
^! ^ lUSjjIa l«J#" ' 4^1 \Jh <> J* ^ ^J^J d t>^ <#^ O* 1 ^ <^ 

. L^ik- t_uau ji ^JLxil djld^Sf ^Jlla J& ^i ^laluu 4iWtfl dJA j£ 

«jjj 4_oi.ua (j^aljiu xlaj.1 ,j^ 4_a1^ £>* jjSI (jLutJ^U .a-_- *bVI <j-« AJJ <_£$ ^ 
<UK Jlaj jt jlwuVI IJA fOaluil t jl- UL) f^ ^1 ^ j a-Ul <U 

i_2-_- ta < ^JU.1 lillaj cjUjiuAil (illaj (j^a < ^jj (^uuijil ^tiu-U L^J>uaj 
IjaIj U^. <ilUi t$-V u W*'j Lf^lau ^ ^Sjj Jib Jl£UI ^ b^jij^l 

^1 CjVU^I J^i (^ f Ijfa. LgJ Ai^Uc Sj£^l JAU.JJ J I AjjIujlSI Cjl£.lluail 

jjjk; AjL jjjkL ^Vi ii^ £> ^iiij « ^jijim! JUaI! ja cjVU^i 6iA 

tg, ^a'.^^j (jjj^iuJ! CJljJiC' ,jA SJj^ja dJl£ 4g.jlou.AJl CJljjjIajil dJA t 
^) SjbL ISjj^V AjjU-oil Luaj^aa Jj^il (j^» cS' f^ ^J ' ^J^ ^^ c?^ ^' 
ISjj^V Ja^j LjLajIaLaJI dJl£ ' t " ■■ iN - ft |JA (j*^ ' <j^H ^jjjlaj PjjJld 
ilwjjilj t ^%>«Stl ^aj]| CjJjI ^1 Jj^il jiaxj 4£jLuuu Jjjj (> ui ^lnn j 



77 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



^m j*j ^ sjiiii f±kh Sjuvi oja ^>2 * i^j j^ib ^jSrij j^Sn ^ 

<jjj£ul du^i ; iluiaJl aJUJI ^ J A-v-.,„sf) c-uiLuiJ J^afitj »*'M ^-1 ^J^J J^ ' 

lilli (ji*J iliij^ tAJauj t ^Luali. 4 rt-%^ (JJ^U^ <^ t_ijjaJlj liljl**]) pIajIui! 

. l^JjiJ J£l! fj <>j o^jui! ^-'■■■; Aj^Uuj <j£U J! CJ^tuaJ*! 



£ti.ill Sjljj Sjjlaa. <> AljiaJl &\J£Ui\ £J*a. £j> jA Ajj^I o JA JSjj U 

^uii J imjj p **.jijS5 *v-j >i o\ J* *ji ovi |JUAi . i^u-Sri 

flUU 4ja.ja.lj * CJlLluJl ^i Ajjjj 3jSj>&1 £lill! Sj! jjl £j>1a o-^Sfb ^ 
^jilj i ( (JJJjjjVI ) A^-ual! ^a.jj'jjajll PjjAaJI IjA t CJl nt < imM dLlJj ^ 
Ajfllj^j Jj ; aHjlS! ^ UJLajixAj'l frJyia. < _Jfr j"' liAjJI l%j^t * < ^*"" "*" " AjIxuiIjj 

. tu-* LT^J U>^J ^ri*-^ £^ ^J &*»*^ 

<> t Jjlai! &l£ji tf-^i t^ 4jj£>a Ojai*- Ua.jjjjajll£ 4 IJfj ISjjaI ^££5 ^ 
CJjjIa 4 <_pLj$£]| jLuil J«afl jj *UaaJ ^1 ^J ajlilal ^»jj j£ (-ijuAat J^> 
^jlliJ - IaIuiaj'I 1^ aJaJLuaj ^^j!) 4JV) j;*'^ '"'^^j /Jia. Lu*ifl Luui P jjJldil 

^1p ja.i ^> Uj t LiAiic- dju-ujij ujjIj ^j> <^ jj^i! i^i o^ <^<j 

LSjjfl 4 ^SjJ^ t^J>>i ^^»^JI jaJ JjUjjj LjSjj ^1 JjaII <!? liajUj ^U^l gjLuA 
CJ\ UjSJ Lift t LU& !JA ^ikj <J CJ&Lkluu! Aj%>«i »IiuJ Ljj o^j ^ ^!j 

jjjIH]) jj^a. ^1 jSJIj t ^jj]| 4JI J«aj L> Jl J«ajj (j mnViti Jja. ^Jl Jlj 
5^ J! J*a3 ^j l^jj 6- J<J» ^ J^^ ^ Ou.SU ^!j CM ^31! 



78 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



. ^Uail (jlj^\ ljx1a1\ ^i 



jladl ^a]j * ^JluiSSV! jjki]! uiilii! ^ £,Vl f^ J*^ ^>^ ^^ 
4-^jUj 4_jjxJ! J>^J f^U J! 4 fSf! JLJ! jAj Lr 4*-Sfl ci^! J*i <> SLpJIj 

^ insvb j^Sn ja ^jSSri <J ojjj o^j ^ <^ 6*3^ J* J^ > i^j 

jii ^1 jjc :: jjiSiil Jtlu6U 1^ ^j * ^!j JLL» ^k ^Vl jxj ±&11 

http://www.saaid.net/Doat/bakkar/023.htm 

. L£a 4+A j V 5U£ L»jA jj*j £l .Jjjj <> >*aL <J J* J J 



Alaaill x*a uijbuJ >J^I ^J^J ' S^alj Alaa (jjfi^Z AlLmj Ul-aj ^£] aLI ^uaj 
(> ljjii£ (^uulj ^u*J j-ac ^ di^aj ^i Jj V «IulS 3 hi unit Ak,M\\ dlft 4 ^aJUil 



79 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



0" 1 * CS' ^J '-"J""! ^ ^»«Lllj SUa. (jJ.uiJ.tJ aJUil £)l£uu L-LuaJ (j-4 J^^ ' 4Jllui 

{A\*l\ y* J&lftil <>u2a <> Cull j-aU. v>- U l^ V 1 ^ ^ IjSj CJJS IJI 
: ^uiiil I JA ^ jlii AjaAVI £1j <^ L»A ujjaV !.*». j; u j u ^ * u 

£jj (> <_jU& 4j£ IjSj j£ CjSjj L>uuU (ilUacj ^ JJlj j>uua!| JUJI j Jj^l jJ$\ 

J?.. 4ia jjiluij V L-u2aj| jflj 4 CujjjVI ^ ciVI 

■ku^u CJijU 4 S*!jAll <> L*j!j JjLSf! CJfljil jAj JjjkUt : ^^1 jaVI 

( : <^aui) jjfla] <_>ai] 4 S jfl <> Cjjjjj U <J£j <_jU&I! j«u Jjla. 

^1 c-iaaji jj 4 Uuia*J jl 4 4j£ Sjjljil ^UjIslaS) jAL JjaJl • 1A ^ 4_jU£il t JA 
. AjA *U Ua Li*j Jlajj AjJc Jjj*j £jj ££Jj ^j^il <> SjSfl jl Sjj^a 

ljUU! (j* tjz. <-iUaj£l jl 4 A ■■■»' 1 <Uuuj t-jU&il ^ < _ r A>uu) jjj*j ^ JjaJl * ' *a U 
. f^ (|i jl <jAjjiil jl JjIL» <Ul£ £j.ij £l£a ^1 ^ djAJj 

. jAA\ <> ftJJjl V <| J^j <^Sf 4j £AUll 4 I JfJ £AAJj| Jl Ua <^JIj 

jj JjS jjI ^ H^ U* LT^' ^J^> ^ >lu9 -* ^' "^ 4-jU^il 1JA (jnn^jj 

. ^1 ^jJ UiU J^l I JA J**! ^! 



80 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



!iLiJ9JJAl| <J* i?lo=J| a*| jJ : J?UI l^P 1 ! 



AijJiil (j£Jj < L&2 «-aLJjjSI ^u»l ^ ' flUa a Ig-La Uaxj A^j Jflj < ilujaJVl Jta-a 

SjU^ll JjjaS) jjjajj ; «^1jJ|j CjIajIxaSI Ajj^J <-i-^J CjISjJu (JJJ >j)^ (j-tfSlJJ 

jj t IjjjS Adtii^l UjU-uiV Ul i p$ <\f\ ^211 ^-aljjil (> JjJxSI *)>- CJliiJ 
. t%lun jUL» Y j-a J&i oJJC JjU J>ui ^fl U JJjuj g-alj^l o JA Sj^I 

£LaUjjS| JfcUl JA £fclj i <$A \\"unt\ £iAS. &U Jj*ilj CJJJJJVI AJJ2LJ (>»jS USI 

^>Sf! jbu-Sf! ^ ^LaS jbu-Sf! JjJjlL 4^l£jJil! JUS AjiUa4 JS Jj^SI JUS ^i 

I Jjflj 4 U>iJj i ^aIjjSI ja-S Sj^fl Jjjj <>j c>ajUj (> Ojjj 
JliS £lj i ^j»1»1\j t^^SI Ojj^-^^ Jijte (J* U*J*1 d V^J VJ^ -^ ^"^ 

^jaj ^Sflj AjjlaJ! CjVU»aSI o<»j Jj^ J (^ ^£J*^ Jj^' O^ ci-^ ^J 2 ^ 



81 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



J^ »Ltt) <Jjfc jiSSri 4*41 Jj jStti A^l 0«6Uj l^i VI 4 l*^ j^jkil! 

/V^J VJ*^' L)' ^) ' ^-*>* c ' J ^JUl!) jjfLjiA ,Jfr UjuJ aj 4_LftiUJ| djl^jVI 
4^-Al«Ji £aJlj jjkUl Jjjla J ^ 1 ntl i ujjft^l ^> fA jjC- £j» £j£j!uu V 4laai]| 
Jjill 4 A^tri CjLa^ (JjaJjL JjAmJI uiui^Uj <->J*^ *lj^^l U- 4 J^ <jl ^^J ' 
f$JjaA J Jj^^il c_»xuJl (jifcil Jjiu2a]| uiiljil Jjjfl £l I^jAISj jj l>u*JJJ ^JJJ^I 

|JA JjlaJ J Ja*j O! V^J ^J « »J*lj 4*ij fr^l <> i^ L)l V** J&*^ 
AjjjJ ^Ij^u JL-j) ^ 0»J « L«A*^J O*^ 1 ^• U ^» &H»* >^J ^ 

. jjkUlj f IjMI jVniij 5ba. Jjjj <^UJI *Uall J^alluuj 

j^a^l 4^jiL> ^>ljjil Open Source 

(> l^jfl jJjkli! flj t AJjxa Aj^>jj Ail] ^jU Jja^> ^J^j Jflj * fls. ^J^j 

^»j «-aLJjjilj ^LuaLaJ) <Ua^»jJl JljSVI Jj^*JJ ritual * j 1 aa II xJaluijj ; * j aa SI 

. Sjja*]| ^alj^l d^J ^ailxSl ^>ail ^ oIjj Jfl U SjjfruLaJt l^Hlal 

/http ://sourcef orge.net 



^» 4 ^>UjjI] 4-uaH Aai^a ^J>uw Jil ^i^jj t ^jjIulaII <|ji*j ^S>> jAj 



82 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



SjaJI g^ljjil FreeWare 
. J 1 ** <> J^' J* j^ £*Uj^ Jj*^jj fcu£ 



^tuiAii j! ^jLUi gaijJi Shareware 

^ill g2it!t £C O^V ^4 £-*b^ ^ &&j&\ S-*J^J £jLuLi«VI (>mu jl i 

. Ju Lufl &ft1f*nnft1 l <> *fi\j& ajj 

UjSj AijLJli ^»Ijj Trail , Demo Wares 

jjjkiilj Ajjaail 4ia.>4 ^ ^»1jj Beta 

JjlS i «-aUjjJl qa AjjLuIj djjlxftilj AlallSt 4-^unll JjfmJ La Lilt «-a| jj < _ f A J 

-iUaiij 4^jJii| CJjjIa aj Beta ^* 4-%<ni tliiJJ ^1a Dj^" " J^*-"^ >UaIi jj^ia 

. tilij jjfrj £)„" " s '$ *J*lj (jj 1 * > ^"' ; " A ^ f Iji ^4 ^JJ^ (j -4 Lumu Cia-Luaij 

. ^UIL ^JbuM AJaJluiaJ) ^uaHJ Lu) ,Jfr .b£Uit ojSJ aj L&a Llagj La 
SJj^ ?la1jjj jjj^ .»UaJ '"'j/*'** SjI&I aj (j^j t Ja&2 ajj f « SAa] AUalil ujjjj Vj) 

«-aljjil XJ.AA. aI^IuuI (ill fC^uuJ I JA J i \±Z. Jjifl CJflj ^ AjAuijil L^xSlj^ (2>* 

t Lajj r ♦ Ajjaal] L^aljj <iLla*j £a\ jA\ lj&\ £& ( jLjA^1 aSj! A^LaJ! ^jJ 

tJULSI ^ ^ AjIuIuu Alijt jl dljS &. diaJI ^fl AA.UII aJC till jfij^ui ! JA j 

. (iSjL^j j>ia]| JaU Jfl SjJal JljSL L^a^J ajj 



83 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



iLu9JjaI| <J* iilo=J| S*| jJ 



^U&l ^Ujj]| ^!jj]| a JA j^.! 



^4v/ra AntiVir Personal - Free Antivirus 




AVIRA 



o JA t AjLasJI JIa-4 ^ 4JbLo& A£j<uii Jjaa^I Jt-aUjjJl (j-« ^UJLa-aH Ai-uuil ^& j 
qj&I^IulaI] qa jjj£ ^^j3^I LjjLuuS! (JJC-Uali ")j t*Jj«ui CJjjlaj ^iJlj 4£jJiil 

AjxL Jfl ^ ii! jj.il! j 4uU&! CJteliuail ^L» ££?-& !^>J 4uUlt A£>ill - © 
jjflj * jil ^»Ujj ^U Ajjjjj ^jj UJxjj 4 <^auijII 4*iJj* <> £u»UjJl JjjMi fn 
l^JajxIuiJ o-jjjS tituuSL <iljjaj S jjL-a 4-wiLui £jaj £jx* cHJJ^ JJ$^ .AJc 



84 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



££ Avira 

Guard: Ma! ware found 

Date/Time: 04/05/201 1 . 20:23:1 3 
Type: Detection 



A virus or unwanted program |TR/Agent.dudi'| 
was found in file C:\Documents ana 
Settings 1 *,. . .\M I N \-S KYN ET-S ATA U . I 



Access to this file was deniec 



Please select a further action 



t>*JJ^ ^^ 



'.E» 



^1 



QMjM 



|S 



Help 



Remove 



Details ] 



Ajk- oijiJ Vj t g^jjjll Ajjajj ^Vmmt l £^a!J 4jI& j i Zljfrut J£j JjSl^il 

A^SLLa tiaUjj dJ&Lui^i <^j^l ?-*ljJ (j^ajiiluuu) ^-ujiil !iA £)•* IJjL^jJ) jjflj 
Sjj^aJb JliJ £^ajJ f^J ' cSJ 3 ^' t^ 33 ^ £jh*"ij ^ ^^ t^ 3 ^ ^J^t 

urn 




^jjjlill £ilia AJbJa 



tf jUll jSJaJl 4^ 



4jS|jaJI guljj ALIa 






85 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



; JI^a aI^jS) JjSl^Jl ^1 JjIa j] '* i<,v j-" ^ aSLs Jauaa JS-uu Uauij (Jjjj LaS 
:: jj^l <> ^^u- U ^ ^ LL ^LS <jj£^ ^*-^t C>^W V^J 

jA l^j Wintj AijjJa jl (-ijluuj <|L (iLJl Altuujlj c 4j (jobs. O'JJ^ J^" Jj^ 
^>Sf! CJlUai! ciL.il <j£S ^ IJIj < <iL j-aliJl <j-JJ^ £*^ lj^ ^ <&i 

. (-ijluul ^L <iLi& Q *jl\ tAJJU IjA. J^-util (j«« (jjituifl 

JjUj ^aUjj dLJA jb Alii Altuuj til] j$ u ;- 4 .if* 4jUa. jlJa. liLdl u^ ^) 
tLv»jm Ai ^U-uJL c/Uall jj ^jUI! jlJaJ! jjUj IJIj * i^jj32¥b JtyaW! 

. ^IaIi jj ^La*ji]| jIja^i ^i <4ji£ j^' ^-^j >*f jLfr^ J*4jj « 4jjxa 

; j aJJJI xia TLaUjj <ja 4JLuuj r j^lw ; (JJ^L^iVI d^A t-»SljJ (j£J ^ (jl 

jl H_auJ! (jJjLaj UA *j Jflluajj ; *4^ c ' j f"'^ Jj^? &*^Ji ^-^ 0' ^J^^ 

Akuiljj SjiAa (jjSlui jj>*il CjLaIS 43j«ui JjIaj CJlLlall ojA j£ ^' jl 

t tfl* fliauall o-Jj jjSl^i! J£J Stpo-ui* Jl*j j*l CJlSJall *JA J£ ^>1j £l 

CJljiuil <> Jj>]| dilJa^l ^ jl yJA J*l£ JI^j djl^A JUi ^k- flj.il! Je 

. jljUVI ^i Jj^^l vj^ - ^ jj^"j ^#?^j^' 

jju VI CujjjVI ^iuaH Vj t 4jfl Jjj>« jjC- j^ua-» £>a ciL> ^j Jasj V 0' f*^ 
dlJ Jsu dl (>Jai i £±^h j^aliJl J«ail| ^ l^LyiljJ ^ ^3J1 CJUla^l Jjjkj 
j^LL^Sfl (>-» 6^ '-^*- Jj^^< CX5*#* J< ' «^ J-«W ^! <^<>^< fJj ^ <ilj| 



Au^Uil cjL-jj^I 6a ^U ^2j32) J <!uti\ Jlj 4 ^1 ^jjl! ^1 



86 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



jli)| j|jaal| a»lH : <#^^l iH'ja'l 







jl Jluijb l^LLa!) ^»UjJl Jfc uinritlj AiLuijil JA ^ jAtflt 4ui£ ^j*ilyi 
^jUil jl^aJ) '"';;"'"' Jiu tiiJa-iuj La ?^ajJ JS-u^l tJA 4j1axJI 1.1^ &£AJ ls^J 



87 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



Without a firewall 



...j^^w*"'**-^ Your modem/connection 

The Internet World W ^^^-^_ ^^^^— 

Anything, 
Anything 




With a firewall 




Disallowed 



^^* 'disallowed 



. jjjjii £• V^i ^» ' Jjj^ oj-^ </#» AibJi 
jjsi^ii jjk; ^k. Ijj <iiijj * ji>i*-b jjku AjjUii ob^» d *j^ j^ 

AjaILxJ) <ba-4jjil AaLuJ) ^ (j^ui buiaj t (JJlaalail AaLui ,Jfr ajjI) 4 - uflt u «1\ 
4-ualiJ! ^u.U-Ai! CJVU-4 u$ VI AxaM CJboiAi! <jAL f^lj jJj LujC Caala 

CJljI^al £jjluuj Ajj ^Vhhj <-JJ*^ 6* J^' J0^*J ^Hb"! 4£>^ J-»l£lb 

Zone Alarm PRO Firewall 4-**-l 
FortKnox Personal Firewall j* j^l Jjj^ f Wimim ££Jj 



88 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



tLLui Uj^i US AjUaJl CJllfla <> AjjIjII AlJall jjjjuj <| jU j!Ja Jfr Alj^ez. 

FortKnox &Alji 

Buy <*&& uiUiU 1 fSj SjkaJ! <jJaJ JJLuul! S-ilclj * g-aUjJI Cjjjjj 4u 
. g-aUjjI! £* ASlijj flu- (| ill cjluAu^l ^Sjll JLSjV 2 SjkaJ! 




jj < ^"' ; " A ^ UU-4 (JJl^lL AjUaJI ff-aljJ pJJJJ ^J^ ^^^-^J^ ^J^j^> J«**j 

.VJ*1I 



89 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 




Block Connection 



Whols Lookup 



LISTEN-TCl 
N ^TEh/TCP 

/ I 
1 



^Internet Download Man | 
^Internet Download Man 
40 Internet Download Man 
^Internet Download Man 
^Internet Download Man 

Iv i ^^1 Download Man 
V J I Kfl D o vv n I o a d I . I a n 
Q LSA lie 1 1 [Export Vers i i 
Q NT K|m el .System 
P^lAi^pjfation Layer Gatev 
QJafctTM) Quick Starter: 



Terminate Process 



Connections ^"^ J) i ffi" * " ^ £^ajj *jj^\ 

:: >! jfi Ulj ftijSfl £>& Uj^^ 

cjVl^SVI^li Connections- > 

( ^*^» j#-) ^Jljaj^il v** 2 tr^J Trace Route - * 

. JL^iVI (> Jx^liS Details - 1" 

. Jtuaft! jfe* Block Con. - t 

t$j JL-ajVI ^ ^31! A^aJI £c jSsi CjUjI*^ Whose lookup - ° 

. 4lajj^ J* *j^i Show on map - 1 

. JL^ajVI I JA ^ ^lun <^l AjL»*JI JjS Terminate Process - V 



90 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 




jj > ^ £^jj £ 



Applications ^"^ 

. £*1j^ cjVl^aj) JfrljS <aj11 Applications 
. £a!j^l JS ^ Select All (t 

. JJay^t 5-aUjj]| I JfS £*yit AHOW (? 

. g-aUjJ! !ja ^ J-a2V! j^a.! Deny (* 

. Jtuaftb fJ L Utf* ^Ul Ask (° 

. Sj&lSil » ja uti* jA j Remove (V 



91 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 




EH 
EH 



Connection details: 
Remote host: 69.195.141.179:443 
Reason: HTTPS- Secure web connection 
Protocol: TCP 



General advice: Allow 



mi 



Allow this network communication? 

Lj Remember my answer 
and do not ask me next time 
forthis application. 



W^^^B >- 



CuIaC-l AiLui (j-4 <^"i ^*^ J^j t Tjc.alJjjj't ^utl ,J| Ajjjj jj uaj «. 4j£ p jxijAjl 

. IgJJLuu f Jjj j-»V1 ^^ac-i <> U) jAj t dJA jLuajV) 4j1a£ ajj 1 JUJ 

yes ^C- Jduiailj t jIjaIuiVI ^jlalmJfl CjjI jli jl 

j^aai SjIcI JjUj V lai-^l t JjjSjjj'Ij diaaJ! JjUj .£ila jjC- CJJS jlj ££Jj 
CJUdujjjiil A£jaj tiljfljx* jJjkS AjLS Ux* £jjjj 4 £)Vl tP* 2 cr^ £*L>^' ^"^ 

. Jtuaftl JjUj ^ 31! ^UjjII ^1 (\ 

oJA ^i ji>» ^ <|i jA UJaj t 4j JUsjVI ^»Ujjil JjIaj ^j!) ^j <|Vl (t 

. g§t j* ^iuaj g-«Ujj UjS J US (ji£j£jjli jSf UjL 4-uatiJl 4JU1I 

jjUa a) jjIj Ja j JLyfljVI (-U* - £■* ^^'j 45^ cS*^ ' iX^N\ J^^ (^ 

. CjVUJ! u^u ^ ^Vmmtt g-aUjjl! L^jL ^31! ^agnail) (£ 

tit CJVt-ajV jjSla JSUii ^LtJ ji £*ju Sj&IS 4iLaL djjlj 4jU <^A j (« 

jjj iJjjjjjVIj a-aUjjil JL^jI ajj i iifl Yes Jai**aj ^JJJ^I 1 ^ ' S-aIjjJJ'I 



92 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



^Jaj ajj i ■■ AJV t V j) JLauu J^2 JU^jV) djb^J 4Jb ^J^^ 4-ajIS O^J^" 

Q^'sfA Applications ^"^ ^) <-M'^\ * cjUail IJI jjku-jj 



4aK £*^ajj ^jU jlJa. £aL3jj ^j ^S Options ^"^ uiUiJ! tuajj JjkLuj 
4j.ll <>4 £JLj V! ^«lj^l <^J J^u ^1 ^n.j ^ t$J>J t gAUjjU JJJA 



Jfl U £jIjj ji 3\}'riij i 4jUaJl CJlLIa <> 4»aU 4SJa U^>i J$ jj£j lifjj 
jI^ua-Aj jjkuj f jSjj U l^ltfi 4 I^ajL ^jj ^511 Qa\jj1\ £J*> Jl^> ^k- Ijkj 
-) >^ -'■■■! xJaluu jl ; tjjUil jl-iaJl I JA ajaIumI IJi ; JjSLpI c-ult ■■■! jjlajl Ujj 
A£j«i]| ^yujij 4cjIL» ^»Ijj 4ijl£. <>»j <-iJ** J* J ' J*J £H'j lsJ-* J^ 

. f J^' V^USI £*b^ £»l*j« jfr^t <> <> J Ashampoo 

Ashampoo Firewall 4^1 

AjLasJI JIa-o ^ &JJ^» c£^ J**^ 4jaJI^ 4£jJil j^l £j)j Jjjj|9 <^JA ^^Ij 
U US|j£ 4 £3ljll £)13jVI iJfJJ ^U-a Jluu 4jUsJ| g-aljj ajSj 4£^i Jjj <^Aj 
J^aVI ^ ^>Ijjj ^3JI f UuiSfl <>a*j] Sj£jL» OjSjj 4jJU»aJ! £-»L>^ C^ ^ 

. ^jjII ^j*iii 4*jSj ^ ill 

4 14^»Ijj ^i^ajj JSjS ^i 4^K1I o Ja AjUS ^jMnn Comodo ^^ ls*J 

SjIj (JSxll a^aIumj Ai^^La CJljjIaj JIa ^fl J^aflj pUIajb 4aJLutJVI » "^ LLLc- J 

. SjUS Oil ££L2a*J!j * 



93 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



jla 9 pJ| ai|j| cts9 



3i>|p : <£JttJ| oujall 



jjjju L^LaAJ ^j 4£JaII o JA £)i VI CJLuijjjiil AaiLia gutljj ^ JlaJl jA U£ 
oJA t£.Aal /Jfr (iljt^ f Ijjab .1^1 Jaila. aoa ■ <aj X-JalmS <j£lj c djblLaSJl £)•« 
jpljjJl dJA ji ^^a-AJ 4 CJLuijjjail CjULu Jfrljii Cilia - IjjJaj (Ja^aH g-aljjll 
uiLa 4_uA /J& (ill J«u»jJ t|^l jLuall ZC-aLSjjJl jAj t L&2 jlajjjll ^ 4 u^uaala 
Jja.illj JjSl^il jc-Luij &!i (j-«j t (ilia Liaj (j^j iilljA (j - * 4L**"^ < -*^ ' f4^ 
jA g^UjJl 1JA jL £2j^ jl ^JjL» ^1 ^i (il&il <L& 4 ALLuu J£j (ilJLfa ^ 

AjLuluj t t^Jl^a Jab ^jLj&I jj£ iaLwu ^ '^'^.'^ 4ijta-a ^ LpxaAt jjjxj 
* !%^ CjVIaJI cpaau ^ L$iL&£! J*aj <^l CJtiual^al! <> jjjS ^ CjUUjjjI! 
MJouiIjj tilflJ^Lmj J£ -fl uaau <jV AjjjA t ^^a-ajj jJja AJouiIjj Lfrxi^ aj <jl La) 

4_ula AjLulaj 4 aJali yj dujIJVI *ial mj (j* 4 V^'j ' ','* .'^Ij ftAli^Vlj 
Jailja < _ r Iaaj ^ JjSLjJl tg aJalmj T&f^t 4jj3 t-flJLua AlaD jjj*j I JAj AiJL-aj 

j^aJl j!ia £ja L$*.y* Jjlaiuu SjjjS ^IJ^aa <> 4lLa 4ij < Jja J$\ Ua^»Ujj 
^ ^>!jjil ftJA La/! AjL^jjj t ^>Ujj]| ^ <>*!! ^S ^^j ^Ij t 4j]UI! 

Trojan Hunter : j* ^>- ^4**- ^1 ^>Lijj]| 

Ajjjjaj Sjjfl ciLLauj i ^^Auijil AjlSj^ ,j^ 4jj^aj *j Jali ■■"« Ida Jjaa tlaUjj jA j 

tj <ilJ! VI t$ii* cjUUjj^I ^aL <ilu^V! 0** i: u *'"j ' 4^ f Jri r * »^ 

. Alalalt Aiu^Ii! t^allal I J! V) ^jl** Jib liiaal! ^ CjUUjj^I ciJa, ^U-.,..-. 



94 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



TROJAN ALER1 



TrojanHunter Guard has found trojans running in memory. It is strongly recommended that you 
check all checkboxes and press Clean to remove the trojans from memory. After this, you should 
immediately start TrojanHunter Scanner and run a full scan. 



ET 




±£&*i) d^jji) £jj 



ja ttegyj Litest pi 4ft> 4S jjfc isyyi ^ 



Check All 



_L^ djL^Lj 



^ Clean 



Cancel 



^lax^ ^fl 4Jc Ja L ^I J*j 4 Clean JJ J& iaL^L uiiaJl 4jj^! fr« OW-JJ^I 

<j^mu ^ O^J ' Jji-wuil SjL&I <-ia>j3 4JLuij jj^ia UJ-^ <-*^^l A^j ' " £aVUJl 

: ^iUil Ji^L cilsJ! AjLafr J^Ui jf& JS CjVUJI 







li.iaj* iui«£. jusy JJLS13I »J^! — »- 



dJA jjfla £#». <|jjfl JS*-j JLfaJl Jj*^J <-*W * J^£>^ Jri*-" 2 S^j ^ 
. ALImuj qaUjA\ lib £* J-U3JI 6- ^J^' <#^l J%*l l£4> V J± ^SU-ji! 

. <&l ftffij j_j>U UjjuUS * o-j^il lib AjUJ ^1 J-uaJ U J! 
.4LLJI 4JVl ^ AjL^uj Uo*a> Ui&Jj u^JJ^I c** 3|< ^ ; " SjjjS g-aljj dU* 



95 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



U "? il| c!il -i9 l So £i>|}J : gj|jj| tJlijoll 

0j9J=lLoI| 



Zemana AntiLogger 

<ittjj 1$1a Jj>]| A^aj JIJUj * A^Uil >!jaJ! <> Jj^I ^ g-abjjl! J-ua^ 

: J\2L Qa\jj1\ ±sA fbfl & <iljjlau fc£^ 
. Jjjj ^1 Cibola ^ Q M«r\& 4jjbw> 

. IjAftlSJI ^J& j aail Aijbk* 

. fUailt JSc Jib ^ £jj AJjUa 

Jj>- <^l JjUll I JA Jail J J&1\ J-^fl f»j * 4£>jJ\j O^V 1 4^ ^ 
^fl L»£ «-ab*jJl £a Jjflj-aJ) 0^4^ Ji-wu U-Jjuj t Actual jlj^ £>* a-abjjil 




96 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



^Iaj (^jU jld^ Ai-^J O-a "iStUl JjS Sjia^il di& J^xj *&j V : A-4U Aia^U 



Anti Logger 



zeMi 



OjJUlcJI q^J 4jLa^ 




^ J^ja^dJ 5I .i^jGIjxJI -ki-L^iJ £ ^li^>_; ^Liaja >EjL=iJ O&Sk. 















, 1 










ll 








* 






•J, 





r* 







97 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



. ( ^aljJ) J±* ) jj J& LLiaj fj <>j 4 £jjj U£ 




Sp'l' ul£ Ja-uuuuuJI 



4-a>>Jl ^*ifiJLoaijud(V \j5-^> Zemana AntiLogger 






4F 23E 753SE63FCD6 13 709 154F96 AE266 
LiibEj iAJL&l 



6/3/2012 
366 






jj 4JjJ*j jj fUalll J1U ^LjiAJ Cjjjjj £aUjj JjU jifl * jtfraJl Je- Ijki 
La liljjiJj t (illJ P jfljj djjij 4jLu)j j^ialui CjIJjaaII ^ Uj£J Lalla j aJUl 

4a jj Jj J>-aji! <> ££au J**> ^aJJ ^ W* V^ I JA J *L> L» £p& 



JXA-uuJI J-O OJUJ5J jlJjl 



GOO. exe 







:: JjVl^Lu-ji! 



000, exe is trying to read and modify PhyEicalMemory and could 
gain full access to your By stem, Do not click Allow unless this 
is the work of a legitimate application. 



jluJI i5j* inn 



000. exe 
000. exe 

(j^p_^ja [^jift^cill ^_yJi _jiUJ _>aC 

rjs^uJiII eij£li)l J^^ [Type: 7) 



jjl1"[ a Lj Lai , ^ 



jUpafcjBjj ^ j n' ! Ut 



iii 



U '-'-.. '.: ■" 



Ji* 



98 



4j<n^niN Sj^Vt ^La^j u-^i uitjl^l SjjJ 



OOO.exe 4^1 j ^»Ujj]| ^L <4jj*j u$£ t la^L Sj^ail Jib jiJ Uil» 

. f g^ JS £*312 Jl JjU LsUj 4 jkSJI <$ j!ul4 U ia*^ SjjiSh *^1 Ui 

..^oii^sujii 




OOO.exe 



OOO.exe is trying to connect to your microphone in order 
make in audio call. Do not click Allow unless this is a legitimate 
application such as an Instant messenger or similar. 



^jj_L_u 




OOO.exe 


U££aJI 




000, exe 


*£j-~jJ 




(■J^fl-^Jl [^AtsiJI 4_sdi jili j^i 


JaLtiudl 




Sound Recorder (Type: 40] 


jJiSJI r^ffl ..if 


jfa. ,d" 


Xk^l , Ljj Lfij 


^^ 





|9f iieis 



Ji* 



99 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



O^LU! OiSjj^W JLxflWI JjUj 000.exe &*UjA\ ch <^J^ *V^ >** 



..^l^lAiLuiji! 



^ 




















000. t 


ace 






000. exe is trying to capture your screen. Do not click Allow 
unless this is a legitimate application. 






q5 >dULl J| 


000, exe 
000. exe 

quiiL^JI J^** {Type: 4} 




2f &ifits Liiui 






jrxr.. ............. . ..... 3 


I -S. 




i! J ^J&jljUU3 :\ 


i_M^ 











JaL^i ol «^j) « <^-^ Sj^-a lalftlt Jjbu 000.exe £-^jjI! 0» tr^J 



100 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



JhOlflj 



^^^^kSl I !J ^i C^^^£i 






AJjOlsJI J-LuljJ 






^uiS^JI ^J^iJI Ols^Lz^ 

■uL^i^kJI -rJL> 
' j_^LiJI 

j. ■ -■•! j 1 1 Q I -*■""■ *} 



J£*JI 



J^" .^J - *J ■ __' . C. -?"_-' 



jj£1 Jj.^Uj (j^aj^ jlauJl ,Jp JaLuat 



000. exe 
342S 



Di'TireV^..^ 

000. exe 

(j_^jtfl {^j^tiJI 1 _fi_s:. j -its ^iii 



^ " " 



: e*gjr>oJ T-ftLaJi 



j£l L*-i- jdu! jSij - ^aUjmI! 
^mj jjflflJl lifci^u 



ji5i ik^Loj 



xit* 1 * 




tf$\ . L^jLaj- , ^ ^c 



CJLC'Ji LuUi 



lJ r^t n ■■■■« 



Jiis 



**•■>" t £LaUjj]| jU*l4 jA o^jiW (ilwiil xla&i L\ia LLa^j Laj ^ajUII ft JA j^Jaj 
(^J^l /Jc- 4*1 jj ; Ja^uaiL «-aUjJl jUauj <lAiia]| TlL^la UI 7t2ii£ jlxutil ( Jc- 



101 



Y% U 



4j^^nill S j^aVI *LL»^j 0-«i (-i)jj^) SjjJ 



!iLoLoJ|9 ciiLli^Jj jjajiJ ^o|>j : (>ji^LzJ| i>ujaJ| 




U jLSul Js> Jajlu- <^l CJliJai! ^A U J±aJ <J uiaj 4jLp! ^ii * uityJl 
(jiij Jasj i^aa UjjC- jl tfv^ui ^j <_pl! £U»IjjJI CJjjH *I>*J t 43^f> AjU^J 

. jj%J! JUL! ^> Jit ^ i jjUSu- J*j > Jj*l! f Li 0)J 



KeyScrambler : JjStl ^>Ljj]| 

jji^uil (jj /*J«-aj ; 4 iHa * (JlAxaJjIjikJ «_u£j La jj* 1 "**' ^ j^-^^""* JJj-aUjj 
Alu-j ^L j^aii) ^a^jj J jVmtj j 4 4jLSJL ^ jSj S^y» JS ^fl jj*jj ^Vmmti 
jli 4 (IjLaI^I jjiuu ^i Aliajjlja. ( ftl£j g^UjjII <J$ ^»Ljj ^j jjC jl CJS 
Jjjj j) JJJ^ CJLaK (J4 l_u£j La tjflljj < <ilflljjlL a\1 La ><>«■*■■*■ jt *$1a LUajfi 
£>a (j^ajJ (j^J < LiS li^Ull 4il£*a <JjLal£j jj-aj 4i J^J' " < f^r"" c^l J' 

. LuLjJ <iL 4-ualiJ! j-uJ! CjLaK J! J>uaj]| 

JS uiAJJ » jl! ^»Ljj ^U ^jLjc-I Jluu Premium 4i-uall iIjjjjj ju 

C:\Program Files\Key Scrambler 

cjIaa I Jl JajaL^ail cilail Jib a±aJj KeyScramblerIE.dll *-ii^l ^"j 

. JlJjluuVI Js. (JSljJJ i AJjiail <> ^Luall 

. JL-SfL AcLJI jIjaj j ^jm ^»Ljj]| Jajj i 4jLfr> Jjx^u Jj*j Uj*j 

j$£j ^j g^UjjII ^1 SjLxil oJA JIa j flalui fjC-Aa ^»Ljj ^j £jfl iJC 

JxaiL 6 joiuu aj La JjJajJL 



102 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



y New Version 



Encrypted Keystrokes: ...l^svddn 



*' * 



% 



Microsoft Word - dooc-fija j>l 



Pi iiiii.'i ^ JC . 



:DdEe tfdEe DdEe cDdEe :DdEe 






:DdEe 



|#JHJ|#H|*#j^ia^i! - A 



L 



ji\ j^: j4is j**; c* few 

> j£U* Sbi JILa ^ai 4ji 



.1 






uidjuoMi l^uui j»u <i^j tteyscramoieriiL.aii 

jgJali ^Aj J^UjJ' iJ*' »jW*-' *J* J* 4 jj R *'" ("J*** E^-J* a 1 £^ ■** 



. jIjaLuuL jj«jjj Miliar CJbaJjIji Jaj*j <USf &&J t JJ*U ^AjV J«aj 



True Crypt :: <^l £^L»il 

tytijAj JjU U I Jl CiliUl) jjiwu da ^L ,£ jSJj 4 <ilij ^fl Lp.j]jj£2 ^1 fj&lyit 
j!>lk &a VI ; u "'■■■..' V I^A (j£Jj ^>Ujj Jji-uu (jja. t£ti &>^J JljSVI <jj£ta 

. Sjluiil lilfi ^ CJl jiua 

5La1ubu» <iLl& j aall jl •iSiu jl (ilLI c till AijflLui La j*^' jl uaj UA j 

(iLjjj c pii Lpjijj£2ii aIaHujI xJaj 1 ■■"* Auij^ii uiijLvi 0^ j ±&& t f •< a a jj&j 

( Aj j-aliJl JLfaJl ^fl o^J * J^J U ^ ' "^ ls* 

tt j-aLaJl jJ>-ajil 4^ Ua.jJji£iil ^ \Vm , \"\ Ji (ilbl 

!! <4>t>-ij «iS2bjiJ lUa. J L^Jllu^ <jl «ilLI 

!! iil djiuu Lu Mbu oi^m 
!! .. j>ASa1I 



103 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



. ^JUli£ Aj-uuijll 4-4jliIl j^ialuij «-aUjjJ1 tl1£j Ajjjjj Jxj 



TrueCrypt 



Volumes System Favorites Tools Settings Help 



Homepage 



Drive Volume 



Size Encryption algorithm Type J [^ 




i 



Volume Properties,., 



Volume 



B 



^ 



Wipe. Cache 



P Never save history 



Select File. 



Volume Tools- 



Select Device. 



Mount 



Auto -Mount Devices 



Dismount All 



Exit 



:: ^ILSllS gttt 1 ^j jjl! ^ LL^I jfe 
TmeCiypt Volume Creation Wizard 



(* Create an encrypted file container 



m 



Creates a virtual encrypted disk within a file. Recommended for 
inexperienced users. 

More information 



m 



Encrypt a non-system partition/drh/e 

Encrypts a non -system partition on any internal or external 
drive [e.g. a flash drive). Optionally, creates a hidden volurr 

C Encrypt the system partition or entire system drive 

Encrypts the partition/drive where Windows is installed. Any" 
who wants to gain access and use the system r read and write 
files,, etc. , will need to enter the correct password each time 
before Windows boots. Optionally^ creates a hidden system. 

More information about system encryption 



Help 



< Bad 



Next > 






Cancel 



104 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



. ^Uaiii j^ajS jji^s _ r 

:: JjSf! jbaJ! jU£! *u ^Uu . At lPW 
Volume Type i i 

** Standard Try eCrypt volume ' 

Select this option if vou want to create a normal TrueCrypt 
volume. 

C Hidden TrueCrypt voly me 

It may happen that you are forced by somebody 1 
password to an encrypted volume. There are many situations 
where you cannot refuse to reveal the password (for example r 
due to extortion). Using a so-called hidden volume allows you to 
solve such situations without revealing the password to your 
volume. 

More information about hidden volumes 




Help 



:Back 



Next > 



Cancel 



:: J^ijj JjSM jLpJI J^^J 4 ^^^aLa <j^Ji f Uoul < jr *j _ Y 
Volume Location 



Select File. 



ts and Settings Vjser'pesktop^bomossa ^J 
15* Never save history 



A TrueCrypt volume can reside in a file {called TrueCrypt container) 1 
which can reside on a hard disk r on a USB flash drive r etc. A 
TrueCrypt container is just like any normal file {it can be r for 
example, moved or deleted as any normal file). Click 'Select File 1 
choose a filename for the container and to select the location w 
you wish the container to be created. 

WARNING: If you select an existing file, TrueCrypt will NOT encrypt 
it; the file will be deleted and replaced with the newly created 
TrueCrypt container. You will be able to encrypt existing files {Jater 
on) by moving them to the TrueCrypt container that you arg 
to create now. 




Help 



<Back 




> | Cancel 



105 



4j<n^niN Sj^Vt ^a^j u-^i uilji^l SjjJ 



. iajLuaib 4JILaj (j^jiii jbuut j^^ — ^ 

. AjuIIaU Next jj UiU jUiJ - 1 



Encryption Options 




Encryption Algorith 



FIPS -approved cipher [Rijndael, published in 1993) that may be 
used by U.S. government departments and agencies to protect 
classified information up to the Top Secret level. 256 -bit kev r 
123-bitblock r 14 rounds (AES-256). Mode of operation is XTS. 



More information on AES 



Benchmark 



Hash Algorithm 



|rIPEMD-160 _*J Information on hash algorithms 



Help 



<Back 



Next > 



1 



Cancel 



. 4*1211 J £lj&| <> q\ te jUlVl &&^ j*Ltil\ e^- ^ 

;; £^HJ Next k*'^* ' AJaLuuj jjlniMt iil£ ^Jl^ 




Please specify the size of the container you want to create 



If you create a dynamic (sparse-file) container r this parameter will 
specify its maximum possible size. 

Note that the minimum possible size of a FAT volurjp is 292^. 
Hie minimum possible size of an NTFS volume is ^92 KB. 



Help 



JL m 



<Back 



Next > 



Cancel 



106 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



tiLftt f { tlult f i jl^ib ^aJt jUiJ - t 
. L^ajj Next i«Jal - £ 



Volume Password 



Password: 



Confirm 



;p*T 



P Use keyfiles 
Display password 



Keyfiles. 



It is very important that you choose a good password. You should 
avoid choosing one that contains only a single word that can be found 
in a dictionary {or a combination of 2, 3 r or 4 such words). It should 
not contain any names or dates of birth. It should not be easy to 
guess. A good password is a random combination of upper and lower 
case letters r numbers, and special characters r such as @ A = 5 * + 
etc. We recommend choosing a password consisting of more than 2D 
characters [the longer r the better). The maximum possible length is 64 
characters. 



Help | 



<Back 



Next > 



Cancel 



. djLuul *jj (jll\ qaJUI U Jjjj ( JH\ j-uJl 4-aI£ jU^j llA 

WARNING: Short passwords are easy to crack using brute force techniques! 

We recommend choosing a password consisting of more than 20 characters. Are you sure you want to use a short password? 



:■_-__ 



^Sa d]j 4 ^jj Jajj tija. &&£& <> J^» tP 6, (| j2*2 4-AauIa j<yi 4aI£ jUaj 



107 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



Volume Format 



-Options 



Filesystem I Cluster!: 



Dynamic 



Random Pool: 53E060A2CB32E55332F59F33602SSS45... f? 
Header Key: 404387AJD40E1A9FAC5AM236AB036074... 
Master Key : 3 3 7 C5 7 3 AEEAS F2 1 A4 7BF6BB7 7 OBI 8 3 ... 



Abort 



Done 100% Speed 29.9 MB/s Left 



Os 



IMPQRTAPJT: Move your mouse as randomly as possible within this 
window. The longer you move it, the better. This significantly 
increases the cryptographic strength of the encryption keys. Then 
dick Format to create the volume. 



Hejp 



: Eack 



Lancel 



NTFS e^ <> cu* 3 d d*k File system J^ ^AiM » i* j^ 

Format jj ^L^l fi 
Volume Created 



The TrueCrypt volume has been created and is ready for use. If you 
wish to create another TrueCrypt volume r click Next. Otherwise, dick 
Exit. 




Help 



< Back 



1: Bfrt> I 



Exit 



I 



jjja. j-ajS ^y»23 Jj^ <> <utflt jj«luia Next «*iVit i ?i jJ Exit -ki-uaj 
Exit *** ' '***' o^jAil I^J '-«ja-«<| jj Lai i b Jj^ CjLLua! jaj 

^.1^1 ^ £i2 AjUjI ^ ill uiUIt Jib U jji^S ^ djliLo AiUil CJJjl I j) 



108 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 






•H 



*V: 
^: 
>X: 
>Y: 
► Z: 




. 



Create Volume 



Volume 




C:\Documerjfe and Settings Vjserfesktop^aboniossa 



Mount 




volume Propei N^s 



1^ Never jive history 



i. 



jA^ipe C ache 



Select File. 



Volume Toois. 



Select Device. 



Auto-Mount Devices 



Dismount All 



Exit 



*j (j-4j 4-a1p liljliLa A^uJ 4\\<tfc *ju1 <j^jS£ uiUlt 4±£j^ 4jUfc f ^ — V 



d filnn.pics {D:) 



&¥stem..{C:"ii 



f games (F:) 



.jJjtaJl 



^>iJl{Q:) %^j& 



e all .others {£:) 



movies (G:) 






Q:\** 


TJl£k^ 




— Ik 






x 

i 

1 




si 


23553 
1333x292; 
L^.-JPEGi 


'"»i ii>ftii 


* i^>€. 




369 K 329 


HBCD 11.0 (H:) ^ 


i_S^ JPEG 




olAiiL^ijo-user- p^ EJ 










slZ 
■105 x 152 
*#^ JPEG 


* ; 




^^^HISB 



109 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



Dismount All jj J& ^L^IL < & jit 



**■* Q^ C : documents and Settings '^user 'p . . . \abomossa 29.3 MB AE3 

«*<S: 



Create Volume 



Volume Properties. 



Volume 




| G: documents and Settings\user desktop ^bomossa '■* j 

F" Never save Nstory 



Volume Tods, . . 



Dismount 



Auto-Mount Devices 



Dismount All 



IfjjSjj f2 ^31! o^aljSSfl £i*> 4i! j! 4^J«jj Dismount All - > 



Truetrypt 



j\ 



Some volumes contain files or folders being used by applications or system. 
Force dismount? 





fifMJ_ 






\i 



. (j^ajAil Jp^lj t-uSjjil fliil <UL»& (jijil A*J Jduiaj c 1^ a) >4.*,,,.j 
xxoAi £*iaj fCj^IJ liJV t^J Jj.^a-ttl . 4AjJi UUaflj |JA t J-aliiL ^Ia-aj 



110 



Y% U 



4j^^nill S j^aVI *LjLa^j 0-«i (-i)jj^) SjjJ 



UaJJ| c$s9 di|jdL£il| <tiS||A : |jualiiiJ| (jujalj 



: tpVl LL.il jflj% oi v^j ' 6 j^a A* 4 * g^ji <f\ ^^ & d J^ 

. ^j^l oj^ <i& d J*^ - * 

2_>Lu J± UJllJai! fAl <ybj ( ^j^il )4b ) ^uiJluJ! 4lJal\ Cjjjjj ^ _ r 

Jax^L £l1a]| CJliUil ,Jb La Aj±aoib 

JIa-4 ^ AJflj^uaj Sjj^ AJauiljj d£LjJjuilj CjI&Ia^I frf*^ j^^ ft ajj — i 

JjL^JJ JjAlul Lfti dj.ll^ X.ULU (jj J^jJS ^JUJI A^LuLaI] *Uuu3Lj ; JJJJAAj£]| 

. £A.ii!j ^LUil ufcu£J AIuuIaJ! (j^aaii! JjJa £.i*i ^fl !iUlS AjLajJjla jjki Jl 

. jjkuj jaLujjj J*«2J 4-Lxa uijjla £LL»j 
; <1j| JaaJI d JA <jaij 4j.il Luajj dji] JJLwuil ;»UaJj 

JSc Je ^jiaj j$£ 4 L$i*!>» Jlut ^ 4jj"uil fialil <^L*ji ^aa j$i 

. SjIjVI ^ j&Lmu 4 nt CJlilaj t alal* ^^a-ajj 

Jjjxj ^Ij 4 jii uiLa ^1 Jji-uu £Ja jl Jji-uuJ JP JjIuiaJ) jA ^Uaill JS& £l VI 
t J££ aUHS! SjIjV ^ a ; a ' -*** aj {£ ill JSaJI 1JA xlufl ^a jA jjjjUajSI) -Je- Ijlaj 
£lj 4 fUalil JS& <^ Ijj^ja JlaJI Oj%*-a £*b^ 4^ La j^jUj &j* £)j 
die- iJ^J i dUaiil JSfr '.'J'^J'" 4JLJI & JA ^yifi t ^Ualil La (JjjjjjA u^uaj tijJ^ 

^Hlj c Alialil 1JA JSc- jA ' fl^luij La Jj) jlfl i (iLUal^ j aj <_a!a JLuijI 

. ^LiaJt JjiLjJ! Jji.il ^blj4]| j^xj ^jL dj^Lj 

LuLLAai J^uailib b)Aj*i J^l ^JJ V) o^ull ^ <JX«a jjSj Jfl JJ^V) d^A JS 

^^-aLwJl ftjjiij J^-» C5^i J>»^^ tW S*!JL JaJ ^J ( <LwiJ <_ r AAJ ^1 JJJJ 



111 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



ik! £jj fUalll * jj ^jj V £j*a £aUjj jAj ^jj^jaujll j ^aa-j ^Ua^l JSfr 
^^ j§ Ual ^U t |ja. <jJ-u4aJl Jj^jJt f jaJl ^UalSt Jac Jluuj t AL> £JVI 
jl£ A^ljlkl fj ^JlxSl ^fl cHJJ^ tfi (J* ^ ' f^' J^W 4«**« ^ 4i*' J 

< l^ibV t$*iu3 fJ ^1 JJ& <_£ jiU <jilj&V Ajjljlull Jjla-JJ (JSxll IjA LJ.^'inlj 
^fl 4Jfr £jjj Ua 4 AjjIj^iC jjSj jfi AjJfr 4jjj£ J-alji jlj-^b J**^ ^ i ■*£* 
jUJbj jl^aluiVI Jfr bjM f jfr £ <>j fUll jLj]! 4i*>4l 4J>uaj Aj^il) 
t l^ljily.1 JjLj jS ^311 ^J2uSf! <Jxul IjjS* diJau U I jA j < j££ fOa^l jLgJl 
Jfr jju <J 4-aUaJ £b Ul&Lfi 4 SjsJj 4*ij (JaIjjH <> J^ J^ 4 ■*■** Cjjjj jS ji 

. Sl—ttl! jjS 

4i^j*a ,J| 4 La a CjIjjA jIja /J^J Sja £>* J^' 4-aliaJ J*^j j£ *£i« jjj£ 
4ibl& I4S QjiA 4jiilj Aja-ajj <_jUu/| 4j>jjJ dijaj j2 ^jj\$ ^LLaSI jt#JVI 
4jay»jj ja\j\ (J\ JSx^l IjA Jj^aj jj 4 CjLdujjjaib AJbte- t$j jj t CjLdujjjiltj 
»UaiJl jaL*u jl ; jL^JjS Aj 4Jajlft]| uiiUajil JIaSIuj) ^ aLj Jlui luwj S jjj£ 
J 5 45* ^ f JfJ 0^» LfcHJJ J& JJ*J 4-& 4jA ^>ja. JJ*J cJjJ 5bjL Ja*1j 
' t ';- -j- ■■ (jJJjjil Ija jjj*j IJjijl^A ^jfr <^^j (jilL* (j^j 4 ALLulL >jAj Sj-a 

dbJV! Ui * I4J ^IJiWlj SjjJaJl CJljjkl]) dJA Jjjki jaJ JjSfl ftUjVI UAj 



^ tfl**Ji ^ OP* 6HJJ 4**-^ f$%* Li^-J^J ' ^^ L«J^ ^ 
J1U Jjfl Jja^ ^! JjL j^^ 1 O^J ^ Jjiil JSc 4^ Ajlk^» ^MJ^» J^< 



112 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



V L> j t jj»j ^l«aj Ufl t fUalil Jj>jj AjS)>> ^i fAL-j ^>aa JjVO^ ^j^j 
\j\ja AjjjS U UJU J! Jl £ajj ^iu»j 4 IjIac-j CiAk- J jVmm li$£ 

tibUal Sj&jla jjC-j M kj - ■•* S-^Ijj r>wi /Jfr J^frLuu ^JLxJl aJaIuuaII djjj V /^ 
Jc JSjIi Jj*J O^J ' *J*\ t/* <4j£*-»* £•**-- J-? c|1 O-^ ^S Ida. A^> ^j 4 

Autoruns : Jj^M ^>Ujj]| 

jj& L^j!>ui j'l tf^c-J ^xu fj (>j 4^Ua^>jJ| j^xj JJJ^ 2 ^»' £A£>^ 

^j^j ^^jj ^j ^ J^ V ^ ill ^lj^V» Jij^VI Aail^j U*uXl\ 
Jliiaj ^JjI ^ '-'^ t "^l ^JIjj^VI CJljUfr (JJb^ijijISj jj ^Jia. f- 1 jjj 1 y| ^L X-LaaJ| 

ujxJl t - aj - ^-*- j (J^I^miVI 4^ ^JJ (J^jj^aH jjiA^ail (jjli 4 ^otiJj ^jJtutJI 
^1 J! AlLbVb 4 AjjLai! iUljl! ^LaS ^ LfcH^i ^V> JjSI 0< ^ 

jliibJ! Jij 4 JjHaII SUiil j! Ub2A\ JIJL1 ^SjU-o J9u bula ! JA *blc Ijluaa 



113 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



j-» (J** &<^ tftj Ujj U.Uj! awIj ^j^ij t uj^j iiiuui cjUKii oJA (j^ij 

jjjluJ ^ J>!j IjjjS iajljj <&!j oL^Sf! O^ 4 4^1*11 CJluLua^VI S* Ijfl 
Ji cJ^u^\ ^liifl 4 VJ *J! SjiV' 6- J^< £*»JJ (/&J <> J»W 
t jaj ^ jij L^i Ij^ jjSis ( git ... tf jia - jdU _ ^i ) _s cjUis 

I^jjjjj ^ ^ UaiSf! <# *V^t f UaiSf! <_£*J uA£2j! ^ "' UJIj 4 LkaJ! £& 

JiA jSJluuj £^alj V <> ^^lai 4 4jjj]| ^ <>j UaaJl uLjja^J 5tu» A^tutflj 

. ^VjIaII JA 

^ 0*lj3» CH* ^ JtfVj *^ ^ Cd J*J ^>1 ^*J ^ (f£» L«0 J^ 
Jj—J JS t JlS AJti ii) (j^aj [SjjjA ^)] £fr [flu**] £ja^a ^ Uaa. jjj 

Ikk jjl Ul£j j^uailll <> JjV j tfeill t> ^i 
laid Lr L«aJI 4J <>j *** Lfi f lu, U ^il) IJ <> 

Ai UjI^jjI AjLS ^ LL jJ^iiib Ual JS ^ Jcliuj 4 LuUal! <iljJlu*J 0» V*J 
JjSfl 0J% jSj ' Jj^» 4^ uu --' (|^l UaiJl Oi^ & ' ^J*^ij ^^iUalujV! 

jLuiaII Jj& Jjiail ^jluu JjLaJ ^1 4 Sjjlil JjSx^l JJj»aJ (|jjJSjj ^Ijj^I 



114 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



'»■ Auton_rns [HrViH-Ql^SUDOWserJ - Sysintemals: www.sysi nternals.coTn 


•™h^ !-**-■ 


File Entry Options User 


Help 




as^ix ii 






1 Codecs □ 
•^ Winsock Provider 


3oot Execute J Image Hijacks Applnit KnownDLLs 


in Winlogon 


s *^g} Print Monitors sjr LSA Providers ^ Network Providers 


O Everything | ^ Logon | S -Explorer || & Internet Explorer- || 9 Scheduled Tasks % Services 


™\ Drivers 


Autorun Entry 


Description Publisher Image Path 


j-J 


^ H KLM \S FT WAR E \M icrosof t\Windows\CurrentVersion\R un 

|^ r /af AntiLogger Zemana AntiLogger User In... Zemana Ltd. c:\programfiles\antilogger\... 
[M C 3 avgnt Antivirus System Tray Tool Avira GmbH c:\program files\avira\antivi... 
|^ ^} FortKnoxPerso... FortKnox Personal Firewall NETGATE Technologies s.r... c:\program files\netgate\for... 
|^ (^ Google Deskto... Google Desktop Google c:\program files\google\go... 
\^[ [|_3 GrooveMonitor GrooveMonitor Utility Microsoft Corporation c:\program files\microsoft of... 
^ jj| ISUSPM Startup InstallShield Update Servic... InstallShield Software Corpo... c:\programfiles\commonfil... 
\tf (3) ISUSScheduler InstallShield Update Servic... InstallShield Software Corpo... c:\program files\common fil... 
§[} NvCplDaemon NVIDIA Display Properties ... NVIDIA Corporation c:\windows\system32\nvc... 
|^ [£j NvMediaCenter NVIDIA Media Center Library NVIDIA Corporation c:\windows\system32\nvm... 
|^ Q QuickTime Task QuickTime Task Apple Inc. c:\program files\quicktime\... 
|^ ^fl RTHDCPL Realtek HD Audio Control P... Realtek Semiconductor Corp. c:\windows\rthdcpl.exe 
|^ |^ SunJavaUpdat... Java(TM) Update Scheduler Sun Microsystems J nc. c:\programfiles\commonfil... 
[^ , "^ THGuard TrojanHunter Guard Mischel Internet Security c:\program files\trojanhunte... 
[^ -^ USB Antivirus Antivirus software Zbshareware Lab c:\program files\usb disk se... 







^3 C:\Docurnents and Settings\AII Users\Start Menu\Programs\Startup 


|^ **■_ PowerMenu.Ink 


PowerMenu Thong Nguyen c:\program files\powermen... 




Ready. 



&\ f\A q\ 4jjj*J ^uuij J-abuil ^ lia. J^-ui < (.Jjfortll ^-aUjjil jA 1J& 
g^S AjUaJ JI4*. <*1\xa 2lJl&1 jjJjfl £j& £jla flf^J i 4JjAaII Jib 4ajLj 




ssnin 



di^aix 



^^a^J) ^AJlftlt ^ >i& 



«3 Winsock Providers 

_j~i Boot i 



_J Codecs 
O Everything 



Logon ' 



Autorun Entry 



Description 



■^ Print Monitors "4^ LSA Providers __| ^" Network Providers 

ffsut e ~~J Image Hijacks ^J_App[njt ' KnownDLLs ££ Winlogon 

. ;: Explorer V-: Internet Explorer '■ Scheduled Tasks ^%s Services J£& . Drivers 

Publisher 



H KLM \S FT WAR E \M icrosoi t Vw incc^v.^C:. ;; : c- ! k ver •: :on\R un 



|?f ^AntiLogger Zemana AntiLogger User In.. 

|^ [ ^ av g nt Antivirus System Tray Tool 

|^ ^^ FortKnoxPerso... FortKnox Personal Firewall 

|\^ (j^ Google Deskto... Google Desktop 

[^ |3 GrooveMonitor GrooveMonitor Utility 

\jfl ||j ISUSPM Startup InstallShield Update Servic... 



Zemana Ltd. 

Avira GmbH 

NETGATE teehnoic 

Google 

Microsoft Corporation 

InstallShield Software Corpo. 



files google\go... 



c:\program filesV 
c:\program files\microsoft of.. 
c:\program files\common fil... 



c: Window •:=" .systemSSSnyc, . . 
c: \windows\system32\nvm. . 
c:\program files\quicktime\.. 

n-SmiioHniiinSrfhHnnl nuo 



|^ (3) ISUSScheduler InstallShield Update Servic... InstallShield Software Corpo... c:\program files\common fil... 

,v^ ,^J NvCplDaemon NVIDIA Display Properties ... NVIDIA Corporation 

[^f g( NvMediaCenter NVIDIA Media Center Library NVIDIA Corporation 

|^ t^ QuickTime Task QuickTime Task Apple Inc. 

^ 4% RTHDCPL Realtek HD Audio Control P... Realtek Semiconductor 

|^ |^ SunJavaUpdat... Java(TM) Update Scheduler Sun Microsystems J nc. 

,v^ ^ THGuard TrojanHunter Guard Mischel Internet 

|^T "^ USB Antivirus Antivirus software Zbshareware 

■i^j j C:\D ocuments and SettingsVAII Users\Start Menu\Programs\Startup 

|^ *V. PowerMenu.Ink PowerMenu Thong Nguyen 



stems. Inc^ I - ^ 

met SecprfitJ ,JJifr .*m* J»*Ui ^^1 ^-J" 4 

= I ?^r 



^A j 4 J**iL ^Uali! f Jj jjfl Lulili l ^jt i fri ^ ^1 ^>lj^l <> J Logon <*2& 



115 



4j<n^niN Sj^Vt ^-a^j u-^i uilji^l SjjJ 



£&\ja ^\ 4llu*Jj 4 JJl Ji^ou <t*aai Lute ui*j UA < f tiaJt ^ J**j Jj jftaj 



.. 4iiUajj g^UjJ) £* J^£j 



O Everything 



Autorun Entry 



Logon l ^ Explorer .£ Internet Explorer J Scheduled Tasks 



Services 



Drivers 



Description 



Publisher 



Image Path 



f H KLM \S FT WAR E \M icrosof t\Windows\CurrentVersion\R un 
[^T ^ AntiLogger Zennana AntiLogger User In... Zemana Ltd. c:\programfiles\antilogger\... 

^ [ 2 avgnt Antivirus System Tray Tool Avira GmbH c:\programfiles\avira\antivi... 

^\ ^ FortKnoxPerso... FortKnox Personal Firewall NETGATE Technologies s.r... c:\program files\netgate\for... 
^ ($ Google Deskto... Google Desktop Google .— r\nrpnr i m f ilfl f\nnnn lfl \nn 



££L 



. . Delete 
$ gj ISUSPM Startui J-j; 

$ ISUSScheduler 

^ j £| NvCplDaemon 

^ [£} NvMediaCenter 



Verify 



Jump to.. 



$\ Q QuickTime Tasi 1 1 Search Online^ 

gf 49 RTHDCPL 

gf H SunJavaUpdat. 

[^ \^ THGuard 

^ ^ USB Antivirus 



Properties 



I lujjiil 1 1- 1 1 1 1. ■_ i L^%d 
Antivirus software 
£3 C:\Documents and Settings^AII Users\Start Mentf 
^ ^ m PowerMenu.Ink PowerMenu 




3 



groovemonitor.exe 

GrooveMonitor Utility 

Microsoft Corporation 

"C:\Program Files\Microsoft 0ffice\0ffice1 2\GrooveMonitor.exe" 



Ready. 



<> jA ciiaJ! £l ^) Sjl^VI f% 0' V^JJ « Sjfljl*]! >a!jSfl ^JJ <ajIa]| ft JA 
«-aLSjjJl TUjtJl 4_LuuiL ; J^^i <Ja*b i-ildil Jj^J jaL*uui <j£Jj aUaill Jj&£ 



LuU 



tgjj ^ b>L» jiauJl ^jj ji miVil l CAiL» ljka.j jj^l^l JjS ^> UJjUj ^ 

JS*J dusJ! aJ3U fCj^IJj t ^Jlfr aJ^1l*u» _S (il^J V l^i dUalil Ji& 4P Aaij<4 
; jl^^Jl 4^2 AaIj^j «-«IJjJ| JjLufllij ^Jc- \ **• UflJ «-«IJjJ| j^«l ■'++. (jbj 4»4jli 



116 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



(L>l Ui^aj ^jo^ll (^uj t 4jS|jj»JI ^fl JjSfl ^>Ujj]| ^^ui <> < _ ? 4jiJ UA yJ! 

. l^Jjij U^a-4 £liua <> Uk*l ^flil 4 A-aVI ^ Ulfr j 

System Shield : <^l g-Uj*ft 

^A Oaklu AjflJajj J$-uj i fUalll JSxi <|jU jlAa. 4ifLu jAj <^^» g^Ji 

; CjljUaJl <> 4c>l^» (ill jflajj lifJ <iljJaj 



Confirm Change ? 



*i*U^J .jLwl 








D:\nre\PI2.3.2\0000.exe 

Description: <info not available> 
Products: <info not available:* 
Copyright: <info not available> 
Comment: <info not available> 

Want SetValueKey 



\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\ 
CurrentVersion\Run\svchoxt.exe=D:\nre\PI2.3.2\0000.exe 



Allow 



Allow always 



Allow always for this Key 



tDeny 
■■ 



Warning: This should result from a software installation or configuration change only. 



: ^Uil£ UUx^j ^IjbiJ! jljji j^ij t JJL&I! 

. IJfj^u^l :: Allow 

. tub ^ujiI : Allow always 

^UiaJ! ij^j Uib ^ujiI : Allow always for this key 

^Ijj) (jfon jjj ^1 «-aljJl (j^*J dllfe buJa t xlal dUa-aj aAVI jAj :Deny 
J! ljU^Ij CJJjitt! J«afl l^lp. Jjbi 4 L^ JJLduil SJlcl £« LuliU &Uj2 ^311 



117 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



jj^Jaj 4jUfe ^ - ^''"'■"' ; jj^LjJIj Ajfllj^il CiljUfr £>-* 4jUt\| o JA J*j 



Total Uninstaller : ^11 £^l 

1 tltJjIJVI /J& £3>* ji Q^^ ' " c$i O* 4 ^^ AjIuuj ; tlaUjj Jj aaJL <J2ia£ JIa ^ 
U ji g-aUj^l IJA 4ixuiljj VI oaaiil liUlaj V AiLaJt d^A ^ifl t 4-uaai CJJjij 
Sjj-ua LlJ&Jl £a >UaIit uliLa <Ul£l Sj^>ua ikl ^I& ajSj tt^UjJ) SjSfl < ^fl.' 1 *; 

. CAi!>tilVI AjJjJ OJJjj^ail £jj ^J^-» t^A SjjiSfl SjIaaJlj 
^jj Lujj SLJS j&ul t V-^HJ^' g^-jjjll ^$-»j j ^*"i £u»Ujj]| Jj«-uij J*j 



LflJ_0_ Jil^T IJ^J-^L Ol<Jil_ 


■^!_l>^ i^lft-lpV 


8 ^ 






f_lll-iJP , 3 


il'kij^l, hh^il 



<iuJ3Jl ^Jl.uJI 



^jflLjuJ I jO.-jj-I ^ 






ljd-C »''■■" 



Jl^d! 



Processing installations. 






- 



Qj_ku Lu: I ac_^ajta 4SLaL . 



tiu^j^ -ii^jajio -1j^-;, ■ ■ 



^JUJtjJl j^t^. . 



ji^§jiJt£iJ 1 -il ij [ 



< _ny|_io.^'i jj l _^l. 



: ^131! Jl&L ^IjJI ^Luli jj^Ia ^ 5b£ jUilJV! Jsu 



118 



4j<n^niN Sj^Vt AAj^^j (Ja\ uilji^l SjjJ 



': — — = 



t-oLa jj>si u&j^. Ol3i[ OI_lj>*£ i"j1 a ■ I ^v 



- ?S » - « 



sa 



•.-. ■ 



i 



^ 



JAjtj 






uiaiLa 



Li/I JLjjEiJ I ■ . - j ^ 1. 1 1 = LsJ ! . Iit_i_m. f ■■ j-"^ j"i j ■ ■ar-fWi 



•£jab>Jl /kjj.1 



£ 
® 



Adobe Flash Player 10 A. . 
Adobe Flash Plaver 10 P.. 
Adobe Reader 9 Lite 
2 Ahadith Cjudosia v 1.0 
AntiLogger 
i Apple Application Support 



I*- Bi| JiLsj-Jj^^jaiJI...) 



-fl-Trl Apple Software Update 
CjftJ AutoPlav Media Studio S 



Autorun Virus Remover , 



• BookSmart® 2.9.5 2.9.5 
l ; Camtasia Studio 7 
CCleaner 
COMQDO BaddJp 
}& COMODO Cloud Scanner 
COMODO Disk Encryption 
Cornodo Dragon 




£f Avira AntrVlr Personal - Free Antivirus [J-^U*-Jl j£] 



~ J—-. ....._: . _.___-_. 



^ OLiLoJIjaLflj 



t 




•jLdLdJ^d) UjLil* W'li u 'J^i 



i^Lfij Jib 







s^Ljj^I Jj'^" ^uLafr ^uajg 

J*>3j 4 ^L^3 S jS3 ^JjAiwi 

jSri dUU sifrli *L^) ^kr 



4Liaj ^3j ^3a. (il]jj <Ute. o*J^W ■Jm-^J (|^i ^»<-Jjj]| JjKj ^jj ^jj US 

. <iL <>atiJ! CAiiall ^UaJ Jib U3jj33j g^Ujjil flS ^31! £AiU2t JKj _ ^ 

. «iU& JSfr J ^Ujj]| UliJ! ^31! j*\Ji\ Jlau -t 

. «iU& Jib ^Uj^l U1u33j ^ ^31! S J^Sflj CJUilJ! JJau _ r 

Jib U3j3 ^311 g-aUj^l 4tfU OH ^> OJ^ <A ****« & J& ^J 
O^ju jj^ h3&*\ £» t ^Uali! JS& Jib U^j ^311 ^IjSf! ^ * <iljU* 

JS& >»!jl 0^ ^J ' J^< JS^u ^ULJ! ^UaJ jA Jjlaail ^i 4uk JS>- U 



119 



4j<n^niN Sj^Vt ^-a^j u-^i uilji^l SjjJ 






110.70 MB 

36.19 MB 

Z7-0Z-Z0in*:£^ si.ssmb 



Cormodo Dragon 



35 installed programs r 27 system 



:W. 



[jjftl A vira AntiVir Personal - . . . 23^2-20 11 n : TR ^ 
' 1 BookSmartS- Z. 9 . 5 Z. 9 . 5 Z5-Q2- ZO 11 o: £V ja 
' Camtasia Studio 7 
(/^ CCleaner 

COHODO Backup 
COMODO Cloud Scanner 
n? COMODO Disk Encryptii 

% 






-B 
■B 
■fe 
•M 



antivir.oem 
antivirO.rdf 
avarkt.dll 
avbb.dll 



jiii Ea_^e Shift+Right 

j^iij.^^v Shift+Left 



j^dl^AJljl Delete 

,_*15^±> Ctrl+Delete 



Restore from backjp 




Exe , Scr , Pif , Com , Bat , Vbs 

l^jj V! ^Ij^i '*-" ^JbL4j j^ill Jjla (JVT 6% ^ L)i ^^ ^ M 3 

ja\j\ 4jKjftj AjUIaj *UaH] ^UjAjla Sjj^ i^b Jiliil jjJuJl (JJlij 1aj*j 

g^lill jJjkUlj V^j^l ^IjJ^I Jri> 0^ J^Vl ^ o^ai2 IJJ V) J^^lj 

. \Aj£j ffcSllj ^1 ^jj A^j ^IjJI UlA J 



120 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



jS o^aui! oi J) ^u^VW ^ ' <^j* J*A> fAfi OjjAj Jj* 1 ^ <# <^- 

uiLa Jj*-«u fJJ Vj 4-uiJ ^>Ujj]| AjL ^ SjjjS ^jil JjLujj Jjjla ^ £a1j 

. J*u AjljlaJl 4JV! ^ O^J V** J^ Wl ^C- j aail 

Sjjiil ji J&frij i £a\j^\ MJLum ^fl tua>uaa. t ^ j^miII jiaJl j^jj liJ 
jj& Sjj^aJ! «-«ljjil c^jjjjj djiui (j^^fl ^Luul&j «-«IJjJI J^a (j-a Luaj) * '^■"' ; ■'"' 

cji Jii jjjkij ^jii Sjlj] Sjj^ji g-ijJ! ciuis jk. a&u^i ^ijjiij g-aUjji! 

. g**.lll J> cit££! AuiiSj '""/UK * Lul aHLLaII ^aIj^I djlyi o^Lj Lufl 

.. SjUu-j Aa-uaj jjI J£j ^IaJ 



121 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



liU^UI (P^i 1S1B9 9«||j : gjlud| oujalj 



feaj|=J| 9 ijJa|aJ| 



jsjj oi jji osjj » ^1^1 <>^ ^1 ^ j^-2 4^1 ^ij^i <> j^i ^ 

LL j-aliJl <>*aJl 0» lP! V^ J LJJ^ ^ c^a^l jt^aJ) 4Aa* £j\ JjSfl >&1 
I JA <> JU2 j! £>2 ^! * U^Sf! £X4* U! * jt^jJI Jib *U& 6^ J W -^ 

a^Iuuj «j*^ij c Jjxj (jZsL* ftf^i ^uuLuuVI AajL^] 4^uuiL (jVI dtJjjjVI 
Jl£j Ac jLuuaIIj Ala.!^) CJljjkU! ^ jfcUI! 4 J-^lj ?iu±\ SJj.1* l#?.jijJSj 

iybii i^ji ^ ^ii 4 UjJb AJjila U f>iia ui^j jjjkiii oi ^ *b 

JjUJ £l £jJ 1 Zjak Sjlafl LU AjIw IjJjjj L> £jaJu UlJjfl 4 Jjj&i V ^l^-Vlj 
^jjI! ^lc £l Jij! J± AjU UjSJ! &i t^J <> c$J 4jj>" *L^I A^l^ua 

4-ualiJ! <iA*l\ £A£j£l\ <_£ju Ci&Ualuu! M H V flc <>j 4J! :: * \jpA\ JjL 

jjku-jj 4 jL> jL£ (> jjSI Jl J«aj Jfl jUaJ ^ JliJ (JjU ^! J& Lu>-a 
!! . JIL* jl^l 0^ ^ ^ <^i ^ f^» L^ji ^Ujj]! 

AjajIjISj JjJ ^fl AaUL> ^j A^ajlj jU-ujL l$*JJJJ ^uj t 0^ (|^ <-il«^J**l 

^jj ^l^ JjS 0- Oj^il JbaVI 0< VI t AiuajSf! ^ £_LiSj 5^ o^i^ 
LUjJ ^i AclS £t5 j! ^jfS! o-!j Jjki Jfl ^ill oiu-aJi]! ^La j! Ujji& j! 



122 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



JsS*^ >^JJ ^ <> ^>J ' J£*^ J J^ ja*^' -^JJ <>J ' cA*^ ^-^ J^ 1 

.. 4J|jj <^LuJb j^Sf! flaJlj i jjSSn (-ilfJ) f .£4! 

< AjjJj Jjla <ilUA £)i ^*J U 1 4*W * </^W A^lj^l ftJA 4jIV llialjxluul £jUuj 
iJjVt^V) ^xaAi (jlajxloLiuij i JJLuuJI 4-alaJI fcfr*^ J**Ai W^ 3 O^^^t l>JAj 



.. <biu]| Sjj^is Jjjlwu aj jjji j «_a1j 




UlJ 
.jJ^juuiJlJE jLgj' I 

OLuj^LJIcOLmiLldl " 



Mozilla Firefbx 



# 



Microsoft Office Outiook Ui^J 



Media Player Classic 1^211 
icrosoft Office Word miyz 

Media Player Classic F *""", 



■ --hj jJ-^ S^a 5I ' ■■ **ua 



- — ; — ^f V 




hii Windows "lLj 



asa 



123 



jAuwj j5J^ 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



f b>Jl <j-j.il! ^uiLu. tklJ jfiaj 

Netstat -an >&l uiSIa 

SJjIjIIj SjJUa]) Ctfb-ajVI £iAa. jt$lal >>l jA j 



ca C:\WENDOWS\syste 


Tn32\cmd.exe 








I 


as 


<C> Copyright 1985- 


-2001 Micro* 


soft Corp. 









C:\Documents 


and 


Settings\user>netstat - 


-an 




1 


Active 


Connections 










j 


Proto 


Local Address 


Foreign 


Address 


State 


; 


TCP 


0.0 


.0.0 


:135 


0.0.0.0 


:0 


LISTENING 


; Jj 


TCP 


0.0 


.0.0 


:445 


0.0.0.0 


:0 


LISTENING 


■ * 


TCP 


127 


.0.0 




:1033 


0.0.0.0 


:0 


LISTENING 


j^j 


TCP 


127 


.0.0 




:1063 


127.0.0 


.1:1064 


ESTABLISHED 


:': 4 


TCP 


127 


.0.0 




:1064 


127.0.0 


.1:1063 


ESTABLISHED 


! ■* :■] 


TCP 


127 


.0.0 




:1065 


127.0.0 


.1:1066 


ESTABLISHED 


1 ' % 


TCP 


127 


.0.0 




:1066 


127.0.0 


.1:1065 


ESTABLISHED 


\ :::■! 


TCP 


127 


.0.0 




:5152 


0.0.0.0 


:0 


LISTENING 


\ ' ■ 1 


TCP 


192 


.168 




.108:139 


0.0.0.0 


:0 


LISTENING 


\ ' j 


TCP 


192 


.168 




.108:2799 


74.125.230.144:80 


ESTABLISHED 


■ 


TCP 


192 


.168 




.108:2824 


174.37.] 


L06.5:80 


ESTABLISHED 


\ \ ' j 


TCP 


192 


.168 




.108:2835 


188.161 


.245.147:80 


ESTABLISHED 


j ■ : ;:: 


TCP 


192 


.168 




.108:2836 


188.161 


.245.147:80 


ESTABLISHED 


''x;:-:f 


UDP 


0.0 


.0.0 


1445 


*: *■ 






'.'. ^. 


UDP 


0.0 


.0.0 


:500 


*:# 






1 ' :■:= 


UDP 


0.0 


.0.0 


:4500 


*: *■ 






1 ■ :: • 


UDP 


127 


.0.0 




:123 


*:# 






••■ 


UDP 


12' 


.0.0 




:1900 


*: *■ 






Li! 



. JUa2VI 4iU ^^jxjj state ^13 <> j 
ESTABLISHED + LISTENING &&*** ^i- Sj^ JL^f! £tfU 

^Ui! jku^li LISTINING *A* Ui*j ti| 



cv C:\WENDOWSVsystefr32\cmd.exe 



<C> Copyright 1985-2001 Microsoft Corp. 
C:\Documents and Settings\user>netstat -an 



flctiue Connectxons 


Proto Local Address 
TCP 0.0.0.0:135 


Foreign Address 
0.0.0.0:0 


State 
LISTENING 


TCP 0.0.0.0:445 
TCP 127.0.0.1:1033 


0.0.0.0:0 
0.0.0.0:0 


LISTENING 
LISTENING 



0.0.0.0:135 *jP* < <>^» a»j^1 cJ*3 

O* Jj^ JU^S! jkiLj 4 djt^ Jib J*ilb C jii. &+X\ I * <j! tA to j 
. CJUjk-4]! JLSluilj JLyijj <|i Jxiib JLaSV! 4iU ^11 jUaHVl 4JU 

^ tf Vl ^ 0.0.0.0 



124 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



. LjJc S j^Sf! JL J! l^-uij JL-jl JjUifl <<+2A\ <J Ja.lj Jl^A un, 



j JbSluil * '^*"' ; ""' /JiAi L^j L^Li. liila (Jjjjj tjlaIjjJ) (j^a*J ' '"''■" La *La<ui lilLvw 
V! cjVUJ! (> ja£ <^ iiL»Il f tJ&lujt 0^ Vj * ASjLaa ^j CjUjJjlaII Jtuijl 

ESTABLISHED *A* ^^j I J) 



TCP 192.168.1.108:2824 174.37.106.5:80 



im;iiinniw 



ESTABLISHED; 



FORIGN ADDRESS J\ v*^ 

Aijx^j Jluuil aSj]|j ijpA\ £JL IjSU s2 H ti| ^^ 0*-*^ J^ 6- ^ 
^2 jt£i V Sjj^]! CJte^JI £4 O^J ^ii^ ^J ^ >M lib £l£ < <ili fcSj^ 

>v t.rvj. v ^ </vi lib oi f*^ 

lib ^jjiH 4&aJ <|Jt$A ^k- oVl A^iuaj! ^illj IPMAP &J* & <|» > 

dl jflaj jl (jijjiaJl 6^ 54*^1*11 c^ ota-Jajj ^SjJI lib Ulkl jj . j^»VI 
tjUJi! ALU-j J£j jJaluufl * ji^a ^1 41 j^Iaj ^ IJlj * IPMAP 2^>« ^i-^a 

/http ://www.ipmap.com 

4JjAaI| ^Jia. <£1 jfc laj 1 ■■ ; JljfiVlj ^)>oi) (j^ ^L»jIju» jUjiab (j^U% Jflj-a jA j 



125 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



IJA J^i> L$a> flu- u^» ^tUbU uiUiJlj cjJjittl cU& (Jlljt <ill4 (jijSL^li 
Jlxu o£ o^2 ^ OJJ ' <^4* <> U*M ^UV ^J^* ^ ^ lPW 4^ 

. iiL <j^L%3) JjsLwuil ^UaiS CJLajjfl J^£< ^ j-ui <iL»L»t 



.. CJ^LwajVI Ajfllj^j j^^ ft 4jUfr J^-uu QA^Ji 

TCPEYE ^jj 

* jIj^jj \Jja o-J^I ^ 4jjL^» ^ uajII (iL^ jSjJ AjSI^I ^ £j!j £aL3jj 
. CjJjaj*VI ^ <iL ^LualiJI 4£jaJI 4j3!>«j 4LL& jIjaLu*! .ilJL^Lj 



.CPEye 



File View Options Process Help 



M Ia3 <? tf Tfe. -ff 



Process 



Local Address 



Remote Address 



State 



isr; 



ul.iu ni 171 inn Mfwimfr r^ HMH<i223UDQ :0 

tonec.corin: 1026 
i' l ll l iyi l ll I J i m 



ullj^ Jl y^ii^ AjImJI JLuuj) 



HMH-0Z2: 



gi' firefox.exe 
^gp firefox.exe 



LI5TBMING 
ESTABLISH 



1027 
HMH-OZ23LIDQ^ZS 
""" ^j ZBUDQ :1I 



1 



E3UDQ :5J 



lP*J 



gj? firefox.exe 
firefox.exe 



netbios-ssn 
i23UDQ:1087 



HMH<i2Z3UDQ :Z751 
HMH-0ZZ3UDQ :Z 756 




*/ Resolve Adress Ctrl+M 

*/ All Endpoints Ctrl+A FTABLISH 

tSTENING 
tSTENING 
J_QSE_YW 
■-: ..-.-■■ [STENING 

JSTABLI5H 
FTABLISH 
FTABLISH 
i FTABLISH 
JTABLISH 



„^ Close Connection Ctrl+K 
End Porcess... 



-ffl Properties 



. Copy Items 



. Copy Remote IP 



126 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



cjjj^L OjSjiiu Jjil^l JUL) U£ ' ^) >^» Oi *w*i Sj^» *£^ M= 

. 4-ai£ ^Lc ^ ♦ ♦ (ja jjSV 4-*Lua £iULu dJfrli ^ IjjJsj CJj^ua 
Port V^J g-^" -^ fi 0) * ^JJ^ ^* 6 Jj*i 4"^ J ' ^^J *-"' f$^ 

:: J£* 

^^Jj^ JLP*1 £^-b^ 81 ^jjj 
OJJIW £* U J^ 3460 



127 



Y% U 



4j^^nill S j^aVI *M-a^j 0-«i (-i)jj^) SjjJ 



>1=lJ| jjpaJ9 49 j£0 cjuJltuj : i>oLjJ| ijujall 



^S Cjbjjjjiail <ja (jjal AuiJli lift J^b Maj^Iui La <jl AjIJj JS^j <jl uaj 
aj2lLu4 lA jj^j <^tj >Vi AijAl] uLuu^il lift JLuij) ^j ^j-aj c Aj (j^l^il ujLuo^J) 

i^aIx!) ^juji ajaIulaIi jLuu <ji sj&l* (jjia i^^j < *^ <j^1a1i ^Aajj^i 

. AJ Ajx^a jjP A^LoP LuiLuuJ tgJV 

^Ujj 4 Aj *&LA^ua JL^jI uiigj JjSl^Jl Ala-uiljj ajLuut *jj ^ill oL?-^ J* 

. LW jjSUpb JLuiSVI U\ 

hsuZAS Js. Jaliai] <il]jj » jjSLp JjS <> ^u^l Jtuaft! ^jla jt£LI ^ 
ALjLuu <JJJ&lj jjjljil '-'^^ ft j] /V*-*^ ' J^ isi i$W cP-^jVI >i*J /jJA> JjjjIaJI 

j^JI JL^il bpku,!^ fh Jil\ 3 i <jM JLuiiVI 4i*> jjSUp jfi^l 4tii 
jaI jt$A Jib 0^>J> Jj*-^ 2 ^ if**i ' c>^^ ch^j Jj^WP' JW»j ^ j^ ' M l 

• ^lUil fa— » w j ; ■' La 

Li>Sj 4 jjSbpi & jlj^V! ^bjj Jib a^^i jl^ j& LiUH : ISM 

i bbwuflll SJ^aL Jjibpl JL-iS! flj 0» C> V^S t ^u^dl JLuaj^b 4-iakil dJA 

. JjSbpi SJ^L bUJJI S J|^i cUS 



128 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



CJUUa ^ CJVt-aj!^ Gull Ltf jfijj ^1 ^Ijjib 4£jjlaII uultu/l ^j! JJjj 
<il] j ^jmi £Ujjj J^" J^ <A$ ' <fjl J^ -^J 2 V-»J *-U^ AjUsJI 
JL-aWl Jjbu ( jj%il £4J u*^ ) !iS £aUjj ck 4^ *V; (#jUi! jl-toJ! 

xxxxxx.no-ip.com 

. 4j (j-flLkll £ljJ*Jl 4cll-fl .AJfr djtiil ^Jib xxxxxx 0^ U^J*^' £r* 

xSIjaJ! qju Jx4j <j| uaj t (jj2a ail fl&J uua (JLlujj^JI < fl£&j J£ bula 
4>a.ii. aJ&j 4_L4Jl^ CJLSjJij Aluala (JJ^ 2 (JjLLuuj^Jl o4b t-ilc-l (JjLLuuj^Jlj 

JjlaiL Ci^jfU J>-ajil UaJaluilj JjSl^l JULl 54 !iUla JjILail £l£ jl ££Jj 

J%1| IJA Ujj ^3J1 fc>£Il Jl ^Stuaj JLyijl fJ*yi iwflji &*V i^J^ fi#* ^311 



Process Hacker g^ji c>- 

JaU 4JI ^juw * dJl^A Jib CjLaJiJlj CJVLuajVlj tibial 4j3|>4I ^Ujj 

jgj£j ( IgJ jIjaLuiL AjUH (jl U1J ^^Ij SjAIuLaJI AjUjil AjIaP ^ Id2k JJA4J 

(ill jglaj 4-dtS Jl AiLdVb 1 4b * AiaUil £4ljJl j£ jc f Ja> Aluai* CJUjk* <£1 
(Ja 4^j£t ajj i ■■ L&a jjjSJIj l4b 4 ia^uaiL tlaUjj ^V ^JJJJ ^ja^aU t^VL^jVI 
fia. aa-ub g^Ujjil <# 1& LLa$j U VI £>2u ^1 C&J ' M^l J>"^ J^ 

:: j>^< ^J^ 



129 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



,0 Process Hacker [HttH^223UDQ\user3+ 



Hacker View Tools Users Help 
Processes 



\ia 




Services Network 




ystem IdHProcess 
System 
3 srnss.el 
'\ csrss.exe 



"Hhvir 




PID 



CPU I/O Total Private B. 



winlogon . el ^e 
services.exe 
H CLPSLS.exe 
Q nvsvc32.exe 

B Q svchost.exe 

Qmstordb.exe 






75.00 


4 


16.41 


1728 




1372 


0.78 


1968 




2036 


0.73 


583 




600 




684 




2800 





1.03 MB/s 



72B/s 



1721 
2.03 1^ 
3.35 |h 
7.05 r^ 

5761 
5£12* 
6.67T^ 
7.41 1^ 
4.99 i^ 
17. 53 h 



2 Svd G : \WINDO WS^vstEm32lp vchost * DcomLaunch 
□ svd| File: 

Jib oVI J*iib J^ JX\ &*\ j*M ji cjUakJi ^ulS ^ j : Processes - ^ 

IjjU jjSt^l $ 3^* jjp ^AilS g^A j < cjU±SJI ^ilS g^A j : Services - t 

. ^i^Anii i ji^ii yJp J^*j <a^ ^Ujjiii oj^aii ^ 

^a 1$ gjiluiS jij ela) jJ) a^i\1 jxj A^lail <a^I A^jliil ^ j: Network — f 

TcpEye &^ji CP cj*^j Jl^Mi ^1>a 



USEGuard.e* 



Terminate 

Terminate Tree Shift +Del 

Suspend 

Resume 

Restart 

Debug 

Reduce Working Set 



W Antil_ogger.exe 
♦). RTHDCPL.EXE 
i& avgnt.exe 
\J± KeyScrambler.e> 
S l£0 IDMan.exe 

J$ IEMonitor.ex 
I TweakRAM . exe 
': iTHGuard.exe Affinity 

m <£' Portable Snaglt. Create Dump File 
B 4? Snaglt32.exe Terminator 
E3 TsdHelp.e Miscellaneous 
E3 SnagPriv. 
E WINWORD. EXE 
Ei §£' firefox.exe 

13 plugin-contair 
; B ProcessHacker.e 
nS_tray.exe 
S WinRAR.exe 



Priority 
Proper lies 




Search Online Ctrl+M 
Copy 



130 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



. ^Uj^il <jp&! * hl*xl\ Lit*! : Terminate - ^ 
^ u Ail£j 4^1 ualli! : Terminate Tree - t 

AjI^SI jiAaj : Suspend - ? 

. UiiAaj j*j 4jL»*JI Jjx^u SjIc-I : Resume - * 

. 4LL& SjU>1 fi <>j ^UjJ! j^&l : Restart - • 

ci ^mftti ^>UjjI] ^jS1» JjKj : Miscellaneous - 1 

ijatu f bi SjLJ ^jMnn * fUaUl ?tai <> g-«Ujj]| <ajS ; Priority - V 



. £^-o^' <>alj^ : Properties - A 

. £^-0^1 £*-*J : Copy - * 

iexplore.exe ^aUI I ^ <l^.j ^ .£ O^-jj^' • j * 2 " M^ 

jll ^»Ujj ^1 jj iiiJjjJVI ^L-al> ^»Ujj AjL>*i Terminate J**j £"5 IJI 
. o^J> -i &£*>* ^^ «^t ^^ ^^ ^*-*j J#«-^ ^Jtelj 

Explorer.exe **&& ^*J £*b^ &**> c^* 2 d Jj^ 

JjLwU Jj*J ^»^JJ <^^J IJ)j t fjJ^J XP JJ>%J c£' J jj-%^ ( . Anient ft ^j 

±&JA Network ^-*jI^ <-*j) <■ •!& J*^ (J*b^ £^" ^ ^^*^ f ^ ^ 



131 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



. Process Hacker IHMrl-0223UDQ\u5erI+ 



Hacker View Tools Users Help 



Processes | Services 



Network 



Process 



Local Address 



Local. 



Remote Address 



Rem., 



Prot. 



State 



Qalg.exe{1376) 


tonec.com 


1032 








14434 


TCP 


Listen 


QcOSService.exe [1530) 


HMH-0223UDQ 


10 26 


ecZ- 134-73- 


153-19... 


443 


TCP 


Close Wait 


(2? firefox.exe {1672} 


tonec.com 


1031 


tonec.com 




1080 


TCP 


Established 


B firefbx.exe (1672) 


tonec.com 


1030 


toneccom 




1081 


TCP 


Established 


■ firefbx.exe (1672) 


tonec.com 


1033 


tonec.com 




1082 


TCP 


Established 


(Bfirfitaiese ri672) 


tenet ami 


M2 


tenet mm 






1083 
80 
30 


TCP 
TCP 
TCP 


Established 


® firefbx.exe (1672) 


HMH-Q223UDQ 


3470 


74.1Z5.Z30.147 




| Established! 


U.Jl £_. f-iCTPT 3 ! 






evHn-flOO.lelOO.net 


Established 


^V TireTDX.exe \io/zj 


nHrlHJ £ ZjUULJ 


J"T/ 1 


_3jqs.exe (11 5 Z) 


tonec.com 


515Z 


toneccom 




1035 


TCP 


Close Wait 


3jqs.exe (1152) 


tonec.com 


515Z 






Z29 


TCP 


Listen 


[J J KevScrarnbler.exe (803) 


tonec.com 


1034 








UDP 




C3lsass.exe (.3.32) 


HMH-02Z3UDQ 


500 








UDP 




™1ka« pvp fll?"^ 


HMH-n?:^ inn 


4Rnn 








iinp 




j /fliii /-j /tfV) <*-* / 


wan /i,i vi«n nil 2 


^4U> 


A\ S j a* 


a UaLa! 


*U= 


9* 


U£bula 






CJljLpJI jj^j ci^lu^l JL^f! Jfr <>#! jjlb laL^lt J^k <> jJa 






: ^L U Jac AjMII Sjj*-a]| ^ 



i'JUd LUI ICL.LUIII 



WTO 74.125.230. 



iui:j 1 ^.r 



i_^Lauii^i icu 



Go bo Process &iber 

3471 evHn-f 100. 1 " rruu=& ° ,ua 

View Stack 



5152 toneccom 

5152 

1034 
t;nri 



Close 



: stablished 



Established 
ilose Wait 
isten 



Copy 



Ctrl -HZ 
nno 



JUojVI IJA ^Vmij ^1 ^>Ujj]| jj AjL>*il ^1! ujaJI ^jjlu Go to Process 

FireFox ^^jj ^Jl a Ja ^i ja j * 

j!>U. ^ jjSI (IiUjkAi ^i^al^l ^i Ajulajj ^j <|Vl ^uij ^jKinn Copy 

Process Hacker ^»^jj 



132 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



HeapMemView £-aUjj 

Process Hacker £aUjj J*^ 
: Um L*m j^a HeapMemView fr^jj F& 

[d« '.' ; : ■ 'SpSinns Help 



Data Address 



Header Address 



Block Size 



Heap Handle 



Segment In... New 



DataPr 



Select Process 



Proce. 
'■^508 

Qsss 
Qeoo 

(§ 632 
QdS4 

3#j 923 
^936 



Process Name 

HeapMemView.exe 

SnagPriv.exe 

THGuard.exe 

CLPSLS.exe 

nvsvc32.exe 

VVINWORD.EXE 

svchost.exe 

keyscrambler.exe 

svchost.exe 

USBGuard.exe 

AntiLogger.exe 



Process Path 

C: , iPOCUME~l^LiseriOCALS~l\Temp\par3EX9Z. 736VHeapMemView.exe 

C:\_^-^ jJjtaVortable Snagit 8\AppV5nagPriv.exe 

C: program Files flTojanHunter 5.3\THGuard.exe 

C:\Program Files \COMODO , ' 1 CGMODO livePCsupport\CLPSLS.exe 

C : \WINDO WS^y stem 3 2'fivs vc 32. exe 

C : program Files Microsoft Office \Office 1 2\WIN WORD . EXE 

C : \WINDO WS Vsy stem 3 2'^s vdiost. exe 

C: program Files ty<ey5crannblerV*ey scrambler. exe 

C : \WINDO WS System 32 '£ vchost. exe 

deprogram Files'-JUSB Disk Security\LlSBGuard.exe 

C: program Files\Antil_ogger\AntiLogger.exe 



OK 



Cancel 



> 



Hi r Soft Freeware, httpr'^vww. nirsoft.net 

Select Process *-*&* j jfri"i V - *^ ^f»jll ^ d ^ 



133 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



:: ^Uil£ ^UjJl ^UL ^ <>j < ^ djiM U^l jUiJ 



p y v __ %i 



G 0X00034100 
G 0X00034280 
G 0X00034360 
G 0X0 015 2 2 CS 

■ 0X00167848 

■ ox02e?iebo 

G 0X000329C0 
G 0X0015CC63 
G 0x00332a00 
nvnncHOflnn 



0x000340f3 
0X00034278 
0X00034358 
0X001522C0 
0X00167340 

0x02e7lea8 
0x000329bS 
0X0015CC60 
0x003823f3 



t 

112 

112 

112 

112 

112 

112 

120 

120 

120 

■ion 



0X000301 
0X000301 
0X000301 
0X001501 
0X001501 
0X026701 
0X000301 
0X001501 
0X003801 
nvnn^ m 



02E71EB0 
02E71EC0 
02E71ED0 
02E71EE0 
02E71EF0 
02E71F00 
02E71F10 



6D 6F 
2E 6E 



68 
6F 

00 00 00 
00 00 00 
00 00 00 
00 00 00 
DO DO 00 



6F 62 
2D 69 
00 00 
00 00 
00 00 
00 00 



2D 48 

70 2E 

00 00 

00 00 

00 00 

00 00 



00 00 00 00 



^- _JdWliUL«_ 

ooo o s.o.f.t.w.a.r.e.\.M.i.c.r.o.s.o. 

ooo o s.o.f.t.w.a.r.e.\.M.i.c.r.o.5.o. 

ooo o ....f.t.w.a.r.e.\.M.i.c.r.o.s.o. 

ooo o 

ooo o ....s.t.e.m.\.c.u.r.r.e.n.t.c.o. 

ooo o nnohob-HKR_google.no-ip.info 

ooo o fit". ..*... *...+ .. +..P+..p+...+ .. 

ooo o ....a.l.r.p.c.:.[.D.N.s.R.e.s.o. 

ooo o .*s..*8..+s.<a+s.-+s..+s..+3..+s. 

nnn q * Tfr-i.tFh4.--t. ± ± ± 

4B 52 5F 67 6F 6F 67 6C 65 

69 6E 66 6F 00 00 00 00 00 

00 00 00 00 00 00 00 00 0J& 

00 00 00 00 00 00 00 00 00 

00 00 00 00 00 00 00 00 00 

00 00 00 00 00 00 00 00 00 

00 00 00 00 00 00 00 DO DO 



mo ho to - HKR_go ogle 
. no-ip . info 



j^jl 111 .b_u_l ciuiSUj Vjxla Jj£U_ 4jaA*-1 v_iL_aL_I ^1_1 ^i duijfll 

OjjJ 4^ 1$ju_L_ ^111 «jL_l_I ^ j-uli g-al-JjJ c$\ Jj-*-J *---i_)i IJI Ul r j*_l 

. v t__! !_* ^ J 

^l_l ^ ujJ*>-' c^ *&£ Z^ &* Uj^" 1 <- *JJ--M *-* 0^ k- 5, 
Jl Aiuijj 4l>lu_l Sj>u_l ^ jf^j <|_l_ >U_1 duijfll Jc Ul^ua^ Jju 

::Sjj^__I ^ ^JjLu-I c^uij^JI ^Js. jjjJaiui ^_4 t 4Jtu»jJl (j_j ^» <^l— I Jj-sVI 

abuse@no-ip.com : ^! J*->-l ±jA\ 

In this client No-IP : mohob-HKR_google.no-ip.info 

This client is used for Hacking 

please punish this client 

I believe that you will take care about this problem 
Thanks team NO-IP 



134 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



jjjjj(J| cfiJfi 9^||iJ| (pad : giuliJ| |>ujaJ| 



AAb-uJ Jfl ^jfr £fi^» <|! ^jjaJ V ^21) jJJI^aJIj g^ljjil jj£J b» bub 4 uiJUSfl 

ob£ £>a aSj i ^L^J^ ££- '*"\'..' * A "'f A Jj^ W^LajLa ^ ^b 4 <!-%<>> uilJAl 
JJl\j SjjiaJl CJlfrboJ! aJA Akuiljj bUaaJl J^j ^ ^Llluu! aj ul^j 
CJljJfl jV) ^ ^J-uaii c-iutai tJA (_>iui t 4jjj*J1 Jj^l U^j bpljla uiuibUj 

Q*a\ ja^\S >%te. >j (> JS 4jU*j 4 ^iLi 4jU». Jc IjLj&I a£»j) 

CJLu*u)jAil jjlajj AjLaajI j£fl jAu jl Lnlc- ljaj c (j^ 1 J' U^ ^jflO* Aijb^-4 
4 J^aflj J jVinnil ^J*il JS*il JJJ^ bjjlu. <> ^211 JjSxJl JS >CiJj Cib ci aJlj 
AijC- ^> JJjj *A j& 4$aj <> tgjc- &aJ!j t$J tiLuAilb bjjJUaj Jti\ 4jjal* 

. Sj$-wl1I *t$2JI ^JC- 4*4^ J ' f J^l 

<> *A £uli <£& I jjl£ jlj 4 ^blxLul Vj 4 f{2jia> Vj t tlia*j jAfl a£a$j V 

^ ajIj^II £*ib) v-jSjjj ^2i) Aj^ui^ilj AjJj^uil UJbUai&il jSj ^^ J*^' 

' J J ^ *-^^ J^ J *^^^' ^%>*'j ^^bj b>uujj 

^bjj 4 bxilj bfljju 4J) jSjCJ ub^il IJA ijLyi (> ^^ ^j^l Jj^l U 1 -^J 1 V 
dJA Js- -kiuui) bjflj J^jilifl t JjjlS ^ >S 2JijJ JS t j2S! O^J ^ 0) ^ ^ 
aA jJjjj aI t jJl*J LsJxj ^yaXAui qa! JjiaSt JjSj ■ ■■ A f Luut ^J& J^*JJ ' U^J^ 



135 



4j<n^niN Sj^Vt ^-a^j u-^i uilji^l SjjJ 



Virus Total : JjSf! &j*l\ 

u**i£l\ Jl^aJ! ^ (j^aaiit ujlH 43.Jj A^ulil jlflalj ujlk^l uiUi! <>aai 

/http ://www. virustotal.com 



VTCommurtty Sign in' 



Languages ' 



►3 



VIRUS 
TOTAL 



Virustotal \s a service that analyzes suspicious 

fries and URLs and facilitates the quick detection 
of viruses, worms, trojans, and all kinds of malware 
detected by antivirus engines More information,.. 



Analysis Search Stats Advanced VT Community FAQ About VT 



Upload a file Submit a URL 




i &j$J>iA Cajjju) 



Service load ■ 




A \\a& cA^ Lift hi*^n 



D Send it over SSL © 



Send file 



IT V&U wrsn. you tail also send files via ema or usi pg VirusTotal's cuEhc A 






(Maximum file size: 20MB) 



Send File jj J& ^ ^ fi <>j ' *£ &j&**l\ uiUll jtfiJ ^ jj U£ 

. *L^k2 |V'"V ^J^ uiiUJl Jtyujj AJ 



Sending file 



*C 



Do not close the window until the upload ends. 

The time required for this operation depends on 

the file size, the net load and your connection 

speed. 



a 



7.5 KB/7.7 KB (97.4%) 



136 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



fjj A^iuai! J^l ^ Sjj^uaj djjaJ <^!j ASjLJ! 4-4jtiI! jjfrk la^U 



File name: 
Submission date: 
Current status: 



sawwwwa.exe 
2011-03-17 21:24:34 (UTC) 
queued (#1) 

rwmwmm 



j^su J± _Jaul\ 






VT Community u serfs ) with a total of Q reputation creditfs) say(s) this sample is good ware. VI Community 
userfs) with a total of reputation credit(s} say (s) this sample is malware. 



File name: 
Submission date: 
Current status: 



sav/wwwa.exe 
2011-03-17 21:24:34 (UTC} 
finished 



Result: 



42/43(97.7%) 



& Compact 



VTCc 

( 

not r 
^^af= 



ubili^l wiUSI <UJ 







Last Update 






Antivirus Version 


Result 


AhnLab-V3 


2011,03,13-00 


2011.03,17 


Rt n-T r o j an/ Pel a on . 3 1 9 2 . M 


JintiVir 


7-11,4-243 


2011.03,17 




E^3,?GisonIv.A.3704 


Antiy-AVL 


2.0-3-7 


2011.03,17 


EackdGsr/ftin32.Eci3QnIvY, ge i 


Avast 


4,3-1351-0 


2011.03,17 


Ein32:Tiny-AI>Y 


Avast 5 


5,0.677-0 


2011.03.17 


1H.Q32: Tiny- ADY 


AVS 


10.0-0-1190 


2011.03,17 


Ba c tC&D £ , Gene r i c9 . M£L 


BitDefafcder 


7.2 


2011.03.17 


TrDjar^ 


IfeylGg-ZKT 


CAI-QuiEeHeal 
ClamAV I 


11-00 


2011.03-17 




I TX 


Bac^dD: 


i . -ciscn.pg 


0.96". 4.0 


2011.03.17 


t*--:^- 


LwnTruirfPT— -Sdqflft 


CCHLTltDUOp 


5.2-11.5 


2011.03,17 






•\ ■:• ^. .-.Cj ■ 


qx , j . gen 1 E Ids rsdo 


Cc.modo 


3015 


2011,03.1' 


BacJrdcG 


r. Win32. Fciscn.NAE 




5.0,2.03300 


2011. 03-T 
2011.03,1: 


jA 


w t j ^ i * 


DrKeb 


Bac^fcr, ^U^d . ii4i| 


Emsiscft + 5,1.0,2^ 
eTrustiJiet* t *+3€.l,£221 + 




^ r iru's^Win^2 , Pcisc* ! IK 

j *. V> 1 . «l 1# >* jT* 1 j 


2011.03-1 
2011.03,1: 
2011.03-1; 
?nn .m.r 


J 




Ji 1 |3MiUM 


AJUV 


"aimjui 


W3 2 ," Age .^fTS . gen Ny-ds rado 







137 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 






ThreatExpert : <^1 gyl\ 
http://www.threatexpert.com 

Sign Up J\ v^» J^ <> fcM 1 J J*r^ v*< 



Your Details-: 



^User name: 

*Type passviard: 

dl: R e by pep bsswq rd : 

* E-mail address : 



TornhearT 



z8-3@live.com 



£&j*l\ ^ J j> , n *m *p& 



ftpl-t^n =>1 T n f ^^>" =n i-i <~* " - 



pr vacy is ensured by our Privacy F 



First Name: 

Last Name : 

Company: 

Address: 

Phone/Fax: 



ham 



hij 



Gaza 



Gaza 



[f you would like to tie contacted to receive more information about ThreatExpeft 

LJu I vjauld like to b>e contacted 
Note: Your privacy is ensured by our Privacy I 



iKha ra cte i »^ m i>see rn th He 

c* 



s p cttire: 



*Ty pe ch ara 



4ISSr 



138 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



Add sample 

Browse/Search My Reports 



Sea rch : 








Got a New 


Sample to Submit? Follow here W 











R<==;il||- C 1 - 1 nf 1 



2^a,>*t } d ^ j ^ lvti 



Submit Your Sample To ThreatExpert 



File to submit? 
(file size limit is 5Mb) 




Your E-mail address: hmh321@gmail.COm 




Your privacy is ensured by our Privacy Policy . 



To submit your sampte r you must read and agree to Th rea tEacp e rt Term sand Conditions : 

LJ I agree to be bound by the Terms and Conditions 



The progress bar will track 
you r upload: 



fi Df Submit 1 

. 4-uaai *\ja!\ (JLtlt jUl! - \ 
Submit jj ^a**Sa» fJ 



File Submission Result: 



The File has been accepted and is currently being processed by ThreatExpert system, 
In a fev/ minutes, the newly generated report will be delivered into the following location 



V 



» Your E-mail inbex 

» ThreatExpert Reports section 

• My ThreatExpert section 



139 



4j<n^niN Sj^Vt 4Jj*^j (Ja\ uilji^l SjjJ 



. jijti\ Jl^jj ^j Ujjj !>Uia jkijj £tj 4 JL^jVl ^Iap ^UL dj^S 4JL*j 



^f Threat Expert 



: Ji^ C-^ 



Submission Summary: 



o Submission details: 

► Submission received: 17 March 2011, 19:05:51 

► Processing time: 7 min 10 sec 

► Submitted sample: 
File MD5: 0xA0C6213FD97AA4D539B45733SlDGBDSD 
File SHA-1: 0xF412C4CED1774A3275411FEBCB89333DB53S25A8 
Filesize: 7,680 bytes 
Alias: 






Backdoor. Cradoorlrem [PCTools] 
Backdooi\Ciadoor ► [Symantec] 
Backdoor.Win32. Poison. pg *■ [Kaspersky Lab] 
BackDoor-DSS.gen.a ► [McAfee] 
Troj/Keylog-JV ► [Sophos] 
Backdoor:Win32/Poison.M ► [Microsoft] 
Virus. Win32. Poison ► [Ikarus] 
Win-Trojan/Poison. 3192..AF ► lAhnLab] 



M 



Registry Modifications 



u The folio wfng Registry Key was created: 

► HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Se 

o The newly created Registry Values are: 

► [ H KE Y_LO CAL_M AC H I N E \S FTW ARE\M i c ro s o f t\Ac ti v e S 

StubPath = "%System%\sxxx.exe" 

so that sxxx.exe runs every time Windows starts 

► [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
svchoxt.exe - "%System°/a\sxxx.exe n 



so that sxxx.exe runs every time Windows starts 






140 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



Anubis : ^^ £b^l 
http ://anubis.iseclab.org 

t ]^ jjjS jUaJ Jc ^ ^Vnnj qIja jA j i jiuw ^Ujjj]| £t£ jlj JiA, £iULjJt 

UIl» ^aLuia Jluu 4-uiJ jjki 4 JjSt^l Jlilaj £* jjji] £Jlj Jiaj ^-alj 

.tf jiyi US J^V! ^ J^aSf! jjiu Ala <Lk j * f^i Ojjjkj jj%J! 

Anubis: Analyzing Unknown Binaries 



Home 



Advanced 
Submission 



Clustering 



News 



About 



-Choose the subject for analysis- 



For analyzing Javascript and Flash files try Wepawet. 

Choose the fiie that you want to analyze. Th e ,fi I p rniisr' 



W File: 
(max. 8MB) 



.file mil ship 



tii^ jbHV 



Windows executable, (details) 



Choose the URL that you want to analyze. The URL will be analyzed in Internet Explorer. 
Mot e: We wiii not analyze a binary that you provide vi a this URL W e wiii merely use a browser t 
O URL: download or similar attach 



http:// 



CjJjI jl 



— Get a priority boost 

Enter the code that you see in 






andr 






gfr a nri your gt i bm i gB i ot i will be analyzed before all auto 



jAjl\ LpUSJ 



^ 



Ui Jax^at 



^hs 



ubmit for Analysis 



i J^jil J^«Aj *j (j^j 4 A >f^* ±\ja!\ lA1a!\ jUiLj 4 Sjjj^Il ^fl ft^lj jA Ia£ 

Submit for Analysis jj ^ iai^j 

i*L2a <Lk gSj^t & J-lJtt JM& JA ^ M*J < JijfcW J*^ *Ljfi J^J 

. <^J^1 Ji (> W ^ 
Task Overview 



Task ID: 

File Name: 

MD5: 

Analysis Submitted: 

Analysis Started: 

Analysis Ended: 



10a0233d6b8c804349de76d351eb6a673 

sawwwwa.exe 

aQc6218fd97aa4d539b4578381d6bd8d 

2011-03-17 21:50:24 

2011-03-17 21:50:26 

2011-03-17 21:54:51 



Created Hew Analysis Report : Yes 

Available Report Formats: 

Download Files: ■ traffic, p cap 



S.H.TML QXML fiPDF ,2) Text 



141 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



. j^l Ji^ l^ jjjfcl! c> bj] HTML e^ i*^ 1 J*^ 1 <> 

- Ikarus Virus Scanner 

Virus.Win32.Poison (Sig-Id : 15181BQ) 

Ikarus j* QfjS CjIujjjjA £flH« Jc- uiUlt jS>^l o^Ai 





LuUUj JaxJ ^Lui: 2^4i *j! Uliu* ^iii *iA Cjj^Ja |J] 




- Registry Values Modifit 


d: U^jj^ 1 ^j^* 6* ^AJ lS^u]! SJlPj ±u 




Key 




r 


H KLM \S OFTW ARE\M i crc soft\Wi n d ows\Cu rre n tVe rsi 6n\Ru n . 


_*^^^^^ 


^ 



HKLM\Software\Microsoft\Active Setup\Installed Components\-C75F37CE3-E146-AE46-32&5-lC30FD8AlA57} I 

. ^Uallt A.lVini^ (J- 4 lP) UJ^J UjIIIj *UaI3t J^Luu jj2 4jjLuu jb dj^J *UaI3t 



3^) sauww 


£i^j$l\ jj^Ia ^5U jjjftJl Jiyyl ^ 


- DNS Queries: ^^^^ 




Name ^^^^ Query Type Query Result: Successful 


| n sa kj h w2 72 . n o - i p . i nf o ^| D N S_TTPE_A NO 



Network Activity ^13 <^ J$%J * ^^jfrM j*j ^^aj^il ^i U ^a! IJA 

No-IP 
DynDNS 



142 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



abuse(£>no-ip.com 
abuse(£>dyndns.com 

; SjU-uij A'littj jii. j£j aI^J 

<> IjSj 3te^t ; JjSl^JI Jlilaj ^ J^ j^ j*i c dti <> j$S! cJttll jlAua! 
Jfl Ifrip £jSlui tAj^ ' <^j ^^juj ujLBI! CJljlSf! jl SjiV! J^l t$£U 



143 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



oa* 



•• • • 






: J 9 (J| U"jal| 



«£> jLii<J| , ^alaj| . <=JU^=kJ| |ie jUMiUI 



uiljJai £>aj J.'***" "I 4j1 CJJjl&U 4 *) £lml AjIjj ^j j^Jjj Cj\ * ; a ^M * '^"'■■■; 
JLmj IfLauAS jjC J^ju CJJLS 4jjIc JpljJ 0-4 If Jj 4 I4J j«aa. V JpljJ SjjjC- 
l^LLuu Jxj jl 4 $J>»» ^Sj jl LjJLSj jIjjj L&Ifr Li-Jail &> jj c ^jLucI 

fliAuaSflj AIUjlSI £a Aiualjjj t AIaC AjIc jjjjj^I ^ (|^lj 4 4jj*1£- ^ £SUil 

Attl £Jb 4-aJllil o-JJ^I J^ (> J^ajLw f*-^l I ^ <A?. « W>k c^&LuJ V ^2J! 

. ^A^-,,,.At) jixj <_£ jJ uflx^alt JallJ (>aju Jp^C-1 (JS AiLuaVb 
££L cjjja. g-aUjj JjIj 5Uli cj^jS ljIcj>^.^I g±*S cAL± ,ji t (iU& j^» jj£J 

^aIjjJI ^> (illj jjC- jl ja-L-Uil J& Sxa <> J* Q m i \<\\ \ ^ £aLJjj <Jac4 
Aj^A j ^LaIS SJjJ& CjUujLLs ^j ILLui Uj£J ; aaIjJI d JA aIJaIumV JaJl jA Lad 

. (j^a-ui ^) (Ja Sjbfr ^1 ^ ^tjj^ (Jjj Vj 4 xaajij La JS ^J^a^j (jl (ilLjl t (iLdS 

Lu j& liLs (ill tV* jj a t uj jC- uj alujb (ilaus aKI lillj^^ aj (iL^l SLai j^j JAfi 
: jja\ &% tf^l dj^a. OJ^J & L$J> t AjJUJI g-aljj Js. 



144 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



• >Vl 
: 2lA\j1\ SjUdl JSjS diaJl <ilja^ ^ y^- Vj! 

^>Ujj]| ^*jj) ^ Site: mediafire.com 

cjliUil Jjaaj] jj^Aa qIja ja j Mediafire £*>» <^ ^ ^j1 ^ l^*J 

i lJ_luj! Zlxl p cr wJl (j^a*J 4_4jj£ Aa.ulJ ,J& J^Jj £)' Jj^J ' ^-^J^ '^ CP 

0*3jM $&* cH ^j^ ^-££1 £ Ssi Sjiui4 t^JL£ jJ ^ jA JjV! v-lu-JI 

AntiLogger £^-L>j CP ^ ^M ^ J J J^ 
Site: Mediafire.com AntiLogger :SjIj*^I Oj£i*-a 



j^j iO ( 


site:mediafire.com AntiLogger 




,_^^ 




(0.25 :^ja ^) e^u o* 156 ,J\^ 



Zemana (Official Site) 

zemana.com Makers of Anti-Logger. The#1 Privacy Software. Download! www zemana.com 

[ ^Mi *$, .^j ] . Anti-Loggerrar 

Anti-Loggerrar. ... Browse Shared Files. Anti-Logger .rar. (6.73 MB), remove 

ads. -Password Protected File -. Please enter the password below to download ... 

Jwww mediafire com'?Mlcsxcmtq6M3 







^^K 2emana.antilogger.1.9.2.169.rar 

a.anj**G9ger.1.9.2.169.rar. ... Browse Shared Files. 

?T(7.15 MB), remove ads. - Password Protected 

File-... 



Jilo gger 1 .9.2.243 www.ex-dot.com.rar 




|; www mediafire. com/?znuq5tntugc 



com. rar. ... Browse Shared Files. 
www.ex-dot.com.rar. (6.65 MB) ... 



www. mediafire com'?t5diTi48eyb8G34bi 



femana AntiLogger v1 .9.2.242.rar 
Zemana AntiLogger v1 .9. 2.242. rar. ... E?Nqwse knickknack2009's Shared Files. 

Zemana AntTkriqgfirvl Q 7 ?4? rar ffi fi5 MR> 



WWW m e d i afi re . c o m/7 1 2 s r4 a n a vt 6 9 b78 



145 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



£A>*j ' Virus Total £$>* Jc- aLaaj j*j Luajj £u»UjjII <>aaij £l JjU 
l^ d J>"J tr**^ J 1 *^ J& £*U^ oaaij <il]j j*j i Anubis J*k^ 

* duij 4jU* ^i j-uaSj rfi db! t 4j Jjjj t <iL jlj <> JS j t <iLk. ^UII >Sf 
JjU 4 <Uj$-uij djljc-l ^jj £)i (ilblj t 4jUaJI JjL-j <>» J^lj <-iJ^ t^-^-i 
OjJ Aj3ae\ V LSI Jb> * Jila OjJ 4^H 6- J* <^^J VJ^ ^ J^l 

: ^3Vli c$jj*j SjLp ^1 jl Buy jl Download 

Zemana AntiLogger lets you: 



~= — 1 


A— A— A— 1 


^■?^^^M 


— 


1 r^7"£ 


1 TV ■**■*■ «;Hlm >»w ■■■"-■" 


; 1 ■^^™ 


■a , ,'.1 ■ u 


— 3--1 — - -J. A ' 


nAP^ 1 ■-iw-wi 



* Surf anywhere and download anytl" 

* Do your online banking with peace 

* Increase your PC protection 

* Defend against hackers 

* Protect against keyloggers 

* Guard against screen grabbers 
Get Zemana Today - We Guarantee Y 



Buy Now 



More Info # 



Download 
Now 



DOWNLOAD 

mm SOFTPEDIA" 



2rver 



din rhttp : //dvn . zemana . conn/Pr oducts/j ^ntiLogger 
/2emana_AntiLogger_1.9. 2. Z43.exe 1 , 1 " hank-You- 



1.9.2.243 > j!A-j >l 0» ^^ 



146 



Y% U 



4j<n^niN Sj^Vt ^La-vj u-ai uilji^l SjjJ 



cSGUII oujal| 



I • II II I II *I2 I A 2*111 

U ojojaJ o jotaJ o 90 uJ <ojxiL pc jLitJjII 




• 1 ■ • 1 



^jlaJ ^IjjJ AjuUII ^blJlaV! &** cJ O^JJ^I g*) JS f jjJI Jj%l! J^JJ 
jl jjJjiilj CJj^l ff-atjJ f !j«ui t liL <LuaLaJ! «»«|jjj'| XX4A Cj-Iajj t ?la)j^| 

. f* J^J ^i J^'j J^iJ 

. lj^jjjA ^»Ujj 4x* JaUjj jj$-uu» JlJl»l jA j PSD JlJ^W <-*L» 

. CjJjjjV! <> tij^ Aio^il CJliUi! JjjL&S ^ CJtijJall 4£l* 
. xjUu ^ Lj 1 uj tlaJ 4jU& <3j*-a CJJjl Ulj 

uii&Sfl ^ A»>» iaLiiiL qJlL ^>Ujj jAj 4 WinRAR g^lji ^ ^ 



http://e5terq, 







775 



1774; 






■ 



-_i±. iB _ i u 



. - ' — 

■ 



4£J~~ 7 



1Mb . 



147 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



er « 




jUaJj lit jUliJ 



I jttfas|| **M I 










i ■ ; 




j^UVj^^iM^ 


.liJcJI || wljLa^ 


^bs»| r^ 








2 


_,**— ' 












II 1^^ 




■ • ■ . £ l_T > 1 


■Ljfijl_ji j\l 1 jQ-JLir 






■» 










djrAJfciJ I JtuOL 


f ■ 








■*■ 


OLfilflJI JI_LiJiLL*j.| 5 flJLr[ 


■ ■ ■ j - . . i 'j-i i Tj\LE^_fciijJ l 
























RAR® 




1 


^■Qiil I ^^rl J uiLfl i-Ljujj Li tSj 


zipO 






1 tJjASJ 3-^3 G 


Jb=-aJI ££j 










■qi_*l^gjoJ I OliLLflJ I ■irjjfcl Q 




■*■ 


i_SiL^ 






■djlf l Ji£ t_jO L 'PJjlSj 








: 


^a^j^i jfl?D 




' 


































1 -filfe 1 






i mm& ™^ 


















^^^^^^^^"■» > >-lj^.Tl|^T 1 »j a ^..l|,-;. 










1 #fel*54 








^L*^ 


stxtiiS lliiiiiii^l *-.^lll II A,v*v || .bUii II «iik«l »Js 


:. j_... . _."w : _ 


— ,•> 
















'~ J 




QJlfcll $f§ 


f| 




'Program Files' ^s *Lii[ ® 
.^JbdljhtiJI^ifL^iO 






■ 1 1 — 






■ , .-jJii iiBiTiALa OljLJ: 


.-IjLiu; 


, , . , J3UAJ 1 fitf -kJ-iaS | 










I 






* .iiii'll ^fllJJJ 




jpg.WT | 


^jJlLvfyl Ji$ JtsJii 


a.jpg| 






ft 
















+ 4 * 


^IjiSfi qJbdl £&]f$N i» 










iia 




tjT * 






OK 1 1 Cancel Help 




i — « — j i 1 1 — — — i 



148 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 







| eL>jJI I 5yji || iijiLil j ^1 | ui^u' || JdLqJ-! J foil* 


-- 


i 










^^^^ ^ljJti_jL^4U _?Lj-jjuji 








M 










3 




program Files" ^ *l_Liul ® 

^j- jJ 1 j L^_ 














- l_^l liinJI -ftiL=M_ui.'l 5 £l£s> M 
















*■ 










1 


T^\>. ■ -■ \' \ L p r -j j g i j'l 'i 








3% jpg.WT 






^ij^i-kj-yi tJ*s tJjs-jloj 






pp-^F a,:ipg 




1 

2 


/^ 






■i^L 






^D fl±Jbfc]| OllJ-L^Vl iii> 














..Q& 


i™ ~ J LUJ_ 










L-ancel help 



. * Jt Hit £4 g^l (JUlt full UlSij - Y 

. JJLuuiL 4 uaLaJt CjI jL^il AjjjJ LIajI JaaLuaj — T 



^^1 Lii^J -bi^ : fOA^c 




— oJl^kkJ I iuajJ I 



■JI^juoJI O'^c 



\luaLoJI iuCkiJ! 




. Jill fill) jUiJ _ ^ 



149 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 




Jaielt ,-JCc 



OLiLoJ I J I i.r »rj 3 ^Ijiiijiuif |. ® 

oLalaJ I ilij-kij 3 ^Ijiijurl. O 

kiis i^^^flJ I OLgLqJ I tIu.j^ O 

OLiLoJi ,jJ_&*±LlJI±LJik* 
lOliLaJI jjtoQ 




2ujti$\j qaZI u^Ij gsuit (just ^UjLi jjjij ujji lit _ r 



http://e5terq. 



775 






774 



V) _ij;_tJr Abba) 







*>.".. 




■Ulrlu lu- 




■j 


w 




H 


■B II !■!'■"■ 


i« .- 






+taM«fW..MI ■ &-.. 11** 










TO 

■i ^il 


• 
h 

■ 


' 










'— . p 








4 










~ 


— — . 


1 






_ „,,. 


j 
































d^a Uj ^Vuhj & JJ M< ^ ^^^j O j^V 1 n (jJJI ^Jjj ^ SjjlaiJl L*j]jj£ill 



150 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 






151 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



«£JLJ| oujalj 




CjUjjaJI jj CjICja^aI) jj CJtuJl £S\ja <> IjjI Jjy^l JjUj V 

. t$jfl JjJjj* jJ*il £$l JaJIj 4A jaulaJI 

. AuAW fjja> Ubui Cjjj! I Jj f LSluil 5b CJllflai! ^ ^JaJLy.) 

<jV 4£xuiit (jaAHuia J£j IaLaj Jjj j\ i <iL <LuaU ^H>"l 4£xuu ajaIi ■■! 

J! <^L j! <iljU* <> j^lj U J£ ^ o^aoil £jku-j ^Jill Js. £yk 

CJUjia-a U& CJUjiLAll dJA (JJ-»Ij ^ cjJLuail ,jaj 4jj$-ui J£j <^JW}a 

qa L^jjjjjj ULaaj JjUj i zlaIjjJI CjIjI.1^1 tiij^l IjjIj IajIj aJaIumI 

^ I^jST * 4jjj*J"1 CjUiual! ^ dnJ! jUi! JjUj Vj V*-^ U$*3l ja 

. l£j& TJLaIjJI ajxJj aj 4jjJ^1 AiJI ja £j£ ^J^ 4 J> <Uj-a.La La) l-lSUlS! 

<il] AiLyij! ajj £&ja j£ £& JjUj Vj (illuaj La j£ ^S jSH Ji IajIj JjU 

. Cut* Aiujjj ^j jjC 
4JL-J £jfl JjUj £ji <ilU ^jjj^IVI tilJjjjl JjL-ujII <>a*J Jj*aj JU ^S 
^fl (JjUfij^il Ttjflj J; a ^"' JjUj Vj < Ijja. Uj-lua.o <ja JSLU1 <JJ J 

. V-JJ^ ^^ ^ ^ *Jluijll 
t-ujxll gLAlJjjil jvuj! <_jj£I t LajIj <iL *L^UJI Sjj^il jjj^j /Jfr JAJfrl 
«. dj^^wi j2 ujxil J^J a] I JIj ; r>ui ^-aIS djljaj 4-JJ^tj J3j§ ^ <^& 

J^lut i-AJ^J rj^J J§ ^jjil £2ljAit TlL^J ^ j£j3 A^J^» /Jfr JAJfrli 

£d£ ji UIjIj fcjfu. J£j jjku-j ^!j Aj^Uil jSIjaJ! ^ja) ^ ^ 
jaj U JS J jAiilt JjU t .fU AjIjj djj&j * djjJJ AjIjj jUi jSiS 

UjJJJJ <&! d^jSi UIIaS t AJjS JluU UftkSSj ^ji! ^AjkA^l ^A JaUj 

JIjJIj i (ilj^l jjjjuji ^j^j j|j USfl t (iliA aj*jjj djjc. UIjj ^ <*A^ 

4i&l£ -S jjiJ! ^ 



♦ 



♦ 



♦ 



♦ 



♦ 



♦ 



♦ 



♦ 



♦ 



152 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



f 3 ^ V £j-uu* file <^ IJj±> Ck££l CJtlaaJ j*j diJau iSj jVl AjjUS 

4 (|JJJ^I JjIIaJ! <U$j V 4 ui^j j^-aj Jjjj 4JLuuj jaC- tiiajj jl JjLa. 

Jc ^ CJLuL^Vti jUSl! JjS jULuali ^klt j*2u JjUj * >S! flaujj 

jjij .da i UJiJj UjjLj ^ioJ! ^k- Ifajlal jLSflSfl Ixuij 0$lu£ V 

( ; Jaa 4JI (> ^SjjI ^j]| (ifcLia. jJJjj 4^ 

4ilij jjiaj «^»ljJl oi& ,Je- ^.>U..frt) (iLjMil^ ,Jfr cH*iau £>* j£ aIc- 

. uLuaJl ULJ 4ail Ul&J La LajJ J^J ' 4jk U^J^J 4^ O" 4 J^ 

jSf £Alai ^j c«f UaaJ! jjS! jjSI ja Jj » ^^kkj V bl&ta ULuJl cOuJ 

LJ>jj UJc-l ^> Jl UlS ^1 JjU Am\\ JjJc- f^ ^Sj« ^j ^Ja! 

Ajui AJaJluili (iljjJ^jj aII jl ; Ala (j^Iaall lia> usu^l ^ai AjuJall 
CJxij AaUJI jjSj Jfl jSJjj t dju» Lfa±klu.l Lai 4j&Lu2>V) 4-ui^il 
AalaljC- SjLuuil JjL* <UuiiIH (jilj-aVI c>a»J UJ^ "^J ' ^^ ^ '^*. 
(j^»j (ilia oiiki La JS 4jaaJ ^ uiiauj <0il Aj^j S$h t Sja^VLj djjSJjj 
t ia.1 ^L JLaSV! AijL^a ^i Jjlal! ^afl! ^llkiui! JjUj Vj t <iljJfr 
JLaJl j! cfljJLu-j plall JL$1\ Jjli^ !JA jSf <4ti jJfrJ JLJ! u^ajfrj 
(ilillll ^ ^<UuUuii ; Ajfi Ljflj jl )^a> J^-u*il j* 4 ^^ ^"WJ djSjflJ ^ill 



♦ 



♦ 



♦ 



♦ 



♦ 



♦ 



♦ 



153 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



.. JJaflSf! J^Sf Lj-aJte JJJJUJ 4-aSfl o^A 



^iaIuiaI] uitttll Jj^ fc^J ' ^ ^-^V' JjW <> J* ^ ^i 4;Wj ' 



. «%u- J SjI^I LJSJjIj 4 L_Uk j 4 USflj ^1 



154 



4j<n^niN Sj^Vt ^-a^j u-^i uilji^l SjjJ 



33 



. Sf ijiii ^i£ii cjSjii ^ o^i jjL jS >ij < 

A^uiflj J^t (J^ O - " ^-aHujLuj Jjil £pb (^J^li < fj^l &f tjj (^A Jjjl Vj 

(j\ j\ dLij^l\ jl ljLxaaJ! jl CJLuLuijAil jl S^Uit (_pa*j U-1I& TTj^j o'j 
c-ijsdl ^La laJL nail 4_jIaaJ ^j^J^ 4-uu<uuj«« SjUV Sja^j CJfljj JLaj aC-J^s q'**- ■ * 

t t^Jj^l ^VmmU ji^ai! <> ^IjJ £L$2a (|jAjj CujjjVI <^fc ^LJa £$^a *LL 

<# ^ji^H <Jj^> ^j U>uu ^ 4 &0j^ V^?-* fc*^ ^j^ £-*L« ^*»i &* 

r. ' ^J ' "J ^J^ J ; ^'"'V ; " ^-Jl cr^^^J ' ^^^ ^*^ L>* J^W t^J**^' J**^ ' "^J 

f jj]| Llaa^ali * LL>!iUi ^> L2a*j Jjiaj J^JJ l)JJ^' lt^ ^ Lr 5- "' 
Hula) (j^ aIalIJj 1 1 V.U, „|j. I^t^^ >j (j^lifl) J^U (jilauj t ^J^' f" y$4 if^J* 
liuijj JjJju yfc ^jAJ V ^U> J ( f > ) UJIj 4 ^ jIjSj V) JA U Jiil o» 

^Ui! ^i ^JUJ! 4_jUu^| ^aj l«j^JIj SjUI! <> Ojjjj^! CjUa^aj ^iS3 Vi 



155 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



. 4j£. i-'a! ,^t| tg, f V.-v jjjjtui JJ^J JJ^J 

JjtiJI U^aU jjj*j <> If J* £j£j ^i ^j*i! cjUill <> J^l J* J* ^ J9-J 
(j^»j t (j^-£& JaL^VI (>a 'fl."*" ■* i iaAfi liuiiJI ,Je- £jjjj* <bfi UJjLa ^illj t 
ljU^ -* UjLj * U2lj.iL <>jj <ji uiaj Lui ^jfl^a * A^LJ! ^i Jl 4i£aJ! 

. 4jjj*J! AjI^IIj Sjill JjSaj uflJfj Ajjj^I 
JU^Sfl VJ"^ Jj^ V t U*-iJlj t ^jj^i <jlj t 4jjj*^ Sjaail (jijAJj V (jl j^jl 

l_La jL UjJij /Jbuj AJIaa m 4JV ' <&) (jJlj jjaulmj j„'**** ' M uiilj IJjjLa 

!! .. ffJ j£i f* V 4 UjUjV J*^aal Jfr J*i (> 4*3 j* 

4^1*-ljJ C)\ 9>u& (§\ Ritual Jjjj ji t Ual ^j iaj <> j-iaa <> jU fUj j^jl 
i tfl j-aLaJl JljaJl f&J A^aJ 4JL-j Ja-jj jj t jjSAa]) ^jjj^VI Jjj^I ^C- 



18/03/2011 &\j*U ^«-*^» f jj ii! i»au ^ 



156 



Y% U 



4j<n^niN Sj^Vt ^La^j u-ai uilji^l SjjJ 



m 



:: u^L V U&) Jib UjSJ ^ ^31! 



s»lw 



Microsoft Virtual Machine 2007 SP1 **«M <^ g-^j* 

Driver Checker £Aijj»2Jl OP ^ali ^>Ujj 

Driver Genius £Ai*j»2II 0& ^ati g^ji 

Mozilla Firefox *#j*l\ js***J\ g3>dt 

Deep Freeze tr**-^ ^SjaII ftiattl jj^j ^»Ujj 

Avira AntiVir Personal tr^jJt jSjaII 

FortKnox Fire Wall <^jJI fcSj-^l 

Ashampoo FireWall ^**jll jSj^I 

Zemana AntiLogger tr^jJt jSjaII 

KeyScrambler t^-jJI ££>aJI 

True Crypt ^**jll £&j*JI 

Autoruns f^SlI ck*-^ f -^ g*L« J^lSj 4jjj £^-L>j 

System Shield t^-jJI gb^l flM J^ v*L« £* U J* 

Total Uninstaller t^-jJt jSjaII ^>l j^l ^jjjjj ^Jal^ ^>^jj 

TcpEye ^VUaW! ^\^ <J Jj— £*Ujj 



^Ualil 4JJI>» £aUjj 



157 



4j<n^niN Sj^Vt ^La^j u-^i uilji^l SjjJ 



Process Hacker <^fL-ajVlj £aIjjJI 4jSI>» ^ J^> ^»^jj t^-jJI &y£S 
HeapMemView tr^jJt fc^l jj%^ <j^^\ ^^jfSI ialHiV ^>Ujj 



^jra 



Download.com £*' j^i d***^ <Jjj>»j J*** £f*» 

Softpedia.com £*b^ J^^ &£j*j J^> £*>» 

IpMap.com j^i ^i ^ c$t £p> ^Ujk*j <iL <>aUJI ^ ^ V! jlf^V &y 

Whatipmyip.com <^ u^UJ! ^ <|Vl jlffcV fib* 

Google Chrome Jb* ^>^ <> fjc-^i cjjjjjVI ^a^l ^AjjiJ\ q1ja1\ 

cjjjjjjLiii ^i^ii ^uii g3>»it 

TorProxy j^i t^aW giggj <j*£jfljjti 3LQj* cJjSJyi f ra . ni^ 4^^> 4iLdl 

Sjj^ib A^AJi ^jjjA4 

c-ijjjj^l /Jg Sjjjjy <Lual^Jl Jj«V^I cHJJ^j j ' gj ^ || SUaJI 



158